Foundations of Information Security
2012-2013 - IMT6021 - 5sp

Forventet læringsutbytte

Having completed the course, the student should have

  •  the ability to derive and apply modelling techniques used for secure computer systems and reasoning about them
  •  in-depth knowledge of selected access control mechanisms and their mathematical foundations as well as an in-depth understanding of identification and authentication mechanisms
  •  obtained a solid understanding of security analysis and developmental assurance techniques and issues

Emnets temaer

  •  Identification and authentication mechanisms including biometrics
  •  Access control models and formalisms
  •  Decidability results and limitations of access control and security models
  •  Security models including the Bell-LaPadula, RBAC, and Chinese Wall models
  •  Information-theoretic models of information flow and covert channels
  •  Developmental assurance and evaluation criteria

Pedagogiske metoder


Pedagogiske metoder (fritekst)

  •  Lectures
  •  Term paper




  Assessment consists of two parts, pass decision is on cumulative grade of both parts:
  - Part 1 is a written examination (3 hours), accounting for 33% of grade.
Candidates must achieve an 'A' or 'B' grade to gain the equivalent 'Pass' Grade.
   Internal and external examiners.
  - Part 2 is a term paper, accounting for 67% of grade.
   Term paper is evaluated by the lecturer.


Bestått/Ikke bestått


Evaluated by external and internal examiner.

Utsatt eksamen (tidl. kontinuasjon)

A new term paper must be provided and the examination must be re-sat next autumn.

Tillatte hjelpemidler (gjelder kun skriftlig eksamen)

Dictionary, simple calculator

Obligatoriske arbeidskrav



The following textbooks are the primary references; further recommended reading is provided in the course syllabus.

  •  M. Bishop: Computer Security: Art and Science. Addison-Wesley, 2003.
  •  D. Gollmann: Computer Security, 2nd edition Wiley, 2006

Supplerende opplysninger

Capacity of the course is limited to 50 students unless explicitly arranged by lecturer.