This database contains the 2018-19 versions of syllabuses.
Note: Whilst every effort is made to keep the syllabus and assessment records correct, the precise details must be checked with the lecturer(s).
None - new delivery for 1819
The module aims at giving students a foundation in computer security, cryptography and human aspects of security.
After taking the module students should be able to identify risks and security sensitive aspects of systems, where a system can range from a small and simple solution for a specific task to a full organisation including IT infrastructure and users. They will be taught this from the experience of how systems have failed in the past and by analysing systems from an adversarial viewpoint.
Students should also know core defensive techniques to prevent or mitigate attacks. They should be able to formulate a threat model for a system and reason about whether it is secure or insecure.
Students should be able to deliver effective security for real-world environments: how to design and manage security in organisations to effectively protect them.
On successful completion of the module, a student will be able to:
- understand how to formulate a threat model including the assets to be protected, the capabilities of the adversary, and reason about whether the probability the adversary may succeed.
- know core cryptographic methods to protect communication such as message authentication codes, digital signatures, encryption, and key exchange. Understand the security guarantees cryptographic tools provide and conversely how inappropriate use lead to vulnerabilities.
- understand key principles and concepts related to computer and systems security. Understand the complexities of building flexile and correct access control and authentication systems, from a technical and HCI perspective. Recognize and exploit common security vulnerabilities on hosts and networks.
- know that security involves people, processes and technology. Understand how security needs to fit with business goals and organisational processes to work effectively - rather than disrupt, create friction, and drain resources. Know the basics of how to influence and manage security behaviours of a range of organisational stakeholders - employees, managers, developers, security specialists.
Availability and prerequisites
This module delivery is available for selection on the below-listed programmes. The relevant programme structure will specify whether the module is core, optional, or elective.
In order to be eligible to select this module as optional or elective, where available, students must meet all prerequisite conditions to the satisfaction of the module leader. Places for students taking the module as optional or elective are limited and will be allocated according to the department’s module selection policy.
Programmes on which available:
There are no formal prerequisites.
The module gives students a foundation in computer security, cryptography and human aspects of security. Students will study attacks against system and analyse systems from an attacker’s perspective. The module will also cover core defensive techniques and develop threat models that can be used to analyse the security of a system. The module starts with specific cryptographic systems in the first 3 weeks, then the middle 4 weeks are dedicated to computer security, and in the last 3 weeks students will study security for real-world environments: how to design and manage security in organisations to effectively protect them.
An indicative reading list is available via http://readinglists.ucl.ac.uk/departments/comps_eng.html.
The module is delivered through a combination of lectures, tutorials, seminars, written and programming exercises, and project work.
This module delivery is assessed as below:
MCQ Examination (2 hours)
In order to pass this module delivery, students must:
- achieve an overall weighted module mark of at least 40%; and
- achieve a mark of at least 30% in any components of assessment weighed ≥ 30% of the module.
Where a component comprises multiple assessments, the minimum mark applies to the overall component.