Introduction to Information Security
2009-2010 - IMT6011 - 5sp

Forventet læringsutbytte

Having completed the course, the student should have

  • developed an advanced understanding of core issues from different sub-areas of information security research including security models, cryptography, network and operating system security, security management, and security engineering
  • achieved in-depth knowledge on one of the core areas through independent study
  • developed analytical skills enabling them to critically assess research publications and presentations

Emnets temaer

  • Key results in the theory and modelling of information security
  • Network security
  • Operating system security
  • Human factors in security
  • Security engineering and assurance
  • Cryptography and cryptanalysis
  • Database security
  • Security management
  • Anonymity and privacy

Pedagogiske metoder

Annet

Pedagogiske metoder (fritekst)

  • Lectures
  • Seminar discussions

Vurderingsformer

Annet

Vurderingsformer

Students must provide two papers. One is a term paper on a topic chosen by the student in coordination with the lecturer (see below), the other is a final report which at least two other areas beyond those covered by the student in the term paper must be described concisely.

  • Term paper: 67%
  • Final report: 33%.
  • Both parts must be passed.

Karakterskala

Bokstavkarakterer, A (best) - F (ikke bestått)

Sensorordning

Evaluated by external and internal examiner.

Utsatt eksamen (tidl. kontinuasjon)

The whole subject must be repeated.

Tillatte hjelpemidler (gjelder kun skriftlig eksamen)

Dictionaries.

Obligatoriske arbeidskrav

Students are required to prepare a term paper on one of the subject areas covered in the course in coordination with and approved by the lecturer and must provide a presentation of results and findings in a seminar. The delivery date for the term paper is arranged individually to match the seminar schedule.

Læremidler

Textbooks, monographs, and research articles including but not limited to:

  • M. Bishop: Computer Security: Art and Science.Addison-Wesley, 2003.
  • M. A. Harrison, W. L. Ruzzo, J. D. Ullman: Protection in Operating Systems. Communications of the ACM 19(8):461-471 (1976)
  • C. E. Landwehr: Formal Models for Computer Security. ACM Computing Surveys 13(3):247-278 (1981)
  • D. Dolev and A. C. Yao: On the security of public key protocols. IEEE Transactions on Information Theory, IT-29(2):198–208, 1983
  • J. Goubault-Larrecq: Towards Producing Formally Checkable Security Proofs, Automatically Proceedings of the 21st IEEE Computer Security Foundations Symposium (CSFW 2008), IEEE, Pittsburgh, PA, USA, June 2008, pp. 224-238.
  • L. F. Cranor and S. Garfinkel: Security and Usability: Designing Secure Systems that People Can Use O’Reilly, 2005
  • J. C. Brustoloni and R.Villamarin-Salomon: Improving Security Decisions with Polymorphic and Audited Dialogs. Proceedings of the 3rd Symposium on Usable Privacy and Security (SOUPS'2007), ACM, Pittsburgh, PA, USA, July 2007, pp. 76-87.
  • W. Diffie and M. Hellman: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6):644-654 (1976)
  • R. L. Rivest, A. Shamir,, and L. Adleman: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2):120-126 (1978)
  • E. Bertino and R. Sandhu: Database Security - Concepts, Approaches, and Challenges. IEEE Transactions on Dependable and Secure Computing 2(1):2-19 (2005)
  • J. Vaidya and C. Clifton: Privacy-Preserving Decision Trees over Vertically Partitioned Data. ACM Transactions on Knowledge Discovery from Data 2(3):14 (2008)
  • K. Thompson: Reflections on Trusting Trust Communications of the ACM 27(8):761-763 (1984)
  • J. Feigenbaum, A. Johnson, and P. Syverson: A Model of Onion Routing with Provable Anonymity" Proceedings of the 11th International Conference Financial Cryptography and Data Security (FC 2007), Vol. 4886 of Lecture Notes in Computer Science. Trinidad/Tobago, Feb. 2007, Springer-Verlag.
  • E. Peeters, F.-X. Standaert, and J.-J. Quisquater: Power and Electromagnetic Analysis: Improved Model, Consequences, and Comparisons Integration: The VLSI Journal 40(1):52-60 (2007)
  • D. Agrawal, B. Archambeault, J. R. Rao, and P. Rohatgi: The EM Side-Channel(s) Proceedings of Cryptographic Hardware and Embedded Systems (CHES 2002), Vol. 2523 of Lecture Notes in Computer Science, Lausanne, Switzerland, Sep. 2002, Springer-Verlag.

Supplerende opplysninger

The course will be limited to 12 students except by arrangement with the lecturer.