This module introduces the student to the issues that arise when we consider the security of computer networks and software systems including -
- What is security and needs to be secured?
- Malware attacks
- Cryptography fundamentals
- Security policies and mechanisms
- How best to coordinate security across IT networks
PRINCIPLES OF SECURITY
Information and IT systems (e.g. OS, applications, network, mobile, cloud based); What security hopes to achieve(Authentication, Authorisation, Confidentiality, Integrity, Availability)
RISKS AND VULNERABILITIES
Data Loss (e.g. accidental overwrites, hardware or software failure, etc.); Public networks and applications (e.g. Internet and Cloud, Mobile applications); Malicious attacks (e.g. Malware, Network, Software & Application Flaws (buffer overflow, failed validation, incomplete mediation, etc.); Application vulnerabilities, Social engineering (e.g. Phishing).
CRYPTOGRAPHY & SECURITY PROTOCOLS:
Symmetric cryptography; Public Key cryptography and PKI; Blockchain; Security Protocols (e.g for authentication and confidentiality); Issues of Cryptography (e.g key length, key, safety, passwords, etc.)
SECURITY MECHANISMS AND INCIDENT RESPONSE
Access Control (Passords, Biometrics, etc.); Preventions and Detection (e.g. physical security, systems update and patching, Backup mechanisms, Failover, Firewalls, Intrusion Detection Systems, Malware detection, etc.); Information Detritus; Audit Trail Analysis; Forensics (e.g. Tracing an attack, recovery, restoring backups, etc.)
SECURITY MANAGEMENT
Introduction to Security Policies, Models, and Architecture; Prevention versus Detection; Identifying user roles responsibilities; Running with least privilege; Ensuring a policy is workable, practical and desirable; Security Operations and Monitoring; Performing a security review; Ethical and Legal issues
Lectures, labs and independent study.
| Module Content & Assessment | |
|---|---|
| Assessment Breakdown | % |
| Formal Examination | 50 |
| Other Assessment(s) | 50 |