Code

COMPM062 (Also taught as COMPGA01)

Year

4

Prerequisites

Term

1

Taught By

Nicolas Courtois (100%)

Aims

This module covers the principal issues in computer security. The ultimate goals of confidentiality, privacy, integrity and availability of computer data are services that are rarely achieved and sometimes not really achievable in practical computer systems. Instead we need to understand, circumscribe, mitigate and manage the risks at various levels: hardware security, access controls, security protocols, network security and overall systems security. We thoroughly study access control theory and practice, and secure authentication for various entities and components. We learn key principles of computer security such as privilege separation. Much attention is paid to deliberate actions of users, and programs such as exploits and malware, to study how these threats actually work, and how to thwart them through better engineering and explicit defensive technology.

Learning

Outcomes

Students will learn how to understand and analyse in detail all sorts of threats against modern computers, how the industry has attempted to solve these problems in the past, and learn the computer security engineering principles which allow one to develop better protection in the future. Students develop an holistic and complete understanding of computer security.

To be confirmed

Lecture presentations with associated class coursework and laboratory sessions.

The course has the following assessment components:

• Written Examination (2.5 hours, 85%)
• Coursework Section (1 piece, 15%)

To pass this course, students must:

• Obtain an overall pass mark of 50% for all sections combined

The examination rubric is:
TBC - please check with lecturer

M. Bishop, 'Computer Security', Addison-Wesley