CC2021 - Security in Computing (2017/18)
| Module specification | Module approved to run in 2017/18, but may be subject to modification | ||||||||||||
| Module title | Security in Computing | ||||||||||||
| Module level | Intermediate (05) | ||||||||||||
| Credit rating for module | 15 | ||||||||||||
| School | School of Computing and Digital Media | ||||||||||||
| Assessment components |
|
||||||||||||
| Running in 2017/18 | No instances running in the year |
Module summary
This module is concerned with the fundamentals of security in key areas of computing in terms
of understanding, controlling and managing the various risks and threats to computer-based
systems.
Semester: Spring
Prerequisite: Communications Networks (CC2009N); Operating Systems (CC2011N)
Assessment: Coursework 50% + Exam 50% (Pass on aggregate)
Prior learning requirements
Communications Networks (CC2009N); Operating Systems (CC2011N)
Module aims
The principal graduates attribute focused on in the module are A2 (performance in a variety of idioms and contexts) and A3 (creative and ethical).
This module aims to:
• provide understanding of key computer security issues and the solutions needed to mitigate
the various threats [A2];
• develop learners’ creative ability to confidently identify, analyse and evaluate various
computer security threats as a way of providing feasible and sustainable solutions [A3].
Syllabus
The main topics of study will include:
• General Security Problems:
attacks; computer criminals; computer security; methods of defence.
• Program Security:
secure programs; viruses and malicious code; controls against program threats.
• Security in Operating Systems:
user authentication; memory and address protection; file protections; control of access to
general objects; trusted operating systems.
• Database Security:
security requirements; integrity and reliability; inference; multilevel security.
• Security in Networks:
threats in networks; firewalls intrusion detection; secure email; security control.
• Legal, Privacy, and Ethical Issues:
protecting programs and data; information and the law; rights of employees and employers;
privacy; ethical issues.
• Cryptography:
traditional ciphers; symmetric encryption; public key encryption; digital signatures and
authentication; quantum cryptography.
Learning and teaching
Formal lectures, tutorials and workshops sessions will be used. All teaching and learning material will be hosted on the university’s online Virtual Learning Environment. A self contained module handbook will be used for relevant reading and for undertaking weekly exercises in the tutorials and workshops.
Learning outcomes
On successful completion of this module, students will be able to:
1. demonstrate a general understanding of computer security threats (including computer viruses
and malicious code, their detections and removals), vulnerabilities and controls [A2];
2. analyse and evaluate various computer security threats and provide practical solutions
to prevent, manage and mitigate those threats using existing methods, techniques and
tools [A3];
3. understand legal and ethical issues in computing [A2];
4. explain and analyse non-technical approaches and measures used to tackle computer
security risks [A2] [A3];
Assessment strategy
This module is ‘pass on aggregate’.
The assessment will consist of a practical coursework (50%) and a 2 hour unseen examination (50%). The coursework will involve developing practical solutions to computer security problems using appropriate methods, techniques and tools. Students will produce a report detailing their solutions to problems presented as part of some case study or scenario.The unseen examinations will further assess students’ broader understanding of the theoretical and practical aspects of the subject.
Students will be encouraged to complete weekly tutorial and workshop exercises to further develop their knowledge and practical skills in identifying and solving computer security related problems, as well as building their confidence in undertaking formal assessments. During tutorial and workshop sessions tutors will give ongoing support and feedback to students on their work, and where appropriate model solutions will be provided.
The learning outcomes will be assessed as follows:
Learning outcome Assessment element
1 Coursework and examination
2 Coursework and examination
3 Coursework and examination
4 Exam
Bibliography
1. Pfleeger, C.P & Pfleeger, S.L., 2007. Security in Computing. 4th ed. Prentice Hall.
2. Stallings, W., 2006. Cryptography and Network Security Principles and Practices. 4th ed.
Prentice Hall.
3. Stallings, W & Brown, L., 2008. Computer Security: Principles and Practice. Prentice Hall.