COMPGA01 - Computer Security 1

This database contains the 2016-17 versions of syllabuses. Syllabuses from the 2015-16 session are available here.

Note: Whilst every effort is made to keep the syllabus and assessment records correct, the precise details must be checked with the lecturer(s).

CodeCOMPGA01 (Also taught as COMPM062)
YearMSc
PrerequisitesNone
Term1
Taught ByGeorge Danezis (100%)
AimsThis module provides an introduction to computer security concepts and techniques. It covers core security principles to engineer systems that provide certain properties, like confidentiality, integrity or availability, despite the efforts of malicious entities to subvert them. We will study military and commercial security design patterns, but also topics around privacy, censorship, or pervasive surveillance. All topics are approached from a security engineer perspective, but also from the perspective of someone who aims to bypass security protections.
Learning OutcomesStudents will learn how to recognise security properties of systems, as well as formulate security policies, and model the threats they may face. Through exposure to a number of established industry and government security mechanisms and design patterns, they will be able to select appropriate controls to guarantee that the security policies are robustly implemented and may sustain efforts to subvert them. Conversely, students will gain skills in analysing computer systems, and developing strategies to bypass security controls. 

Content:

The course is organized in 10 weekly topics. The first half of the course covers basic principles; access control; Linux and Android security; high-confidentiality government systems; high-integrity commercial systems, including banking and medical informatics. The second half dives into the details of technical protection mechanisms and computer attacks including hardware and operating system security mechanisms; web security and web attacks; authentication & identification; and applied cryptography.

The Computer Security 1 module provides strong foundations in security engineering, and enables students to easily follow further modules in Security and Cryptography.  

Method of Instruction:

Lecture presentations with associated class coursework.

Assessment:

The module has the following assessments:

  • Written Examination (2.5 hours) (85%)
  • Coursework (1 piece) (15%): Due in week 10 

To pass this module, students must:

  • Obtain a mark of at least 50% for the module overall.

Resources:

Dieter Gollmann "Computer Security" (3rd edition, but 2nd is also fine) - available in the UCL library
http://www.amazon.com/Computer-Security-Dieter-Gollmann/dp/0470741155

 

Ross Anderson "Security Engineering"
http://www.amazon.com/Security-Engineering-Building-Dependable-Distributed/dp/0470068523/
(Also available on-line at: http://www.cl.cam.ac.uk/~rja14/book.html