Note: this is an information page; the course is given through LiU's e-learning system Lisam.
TSIT02 Computer security
The course takes place in period HT2. It can be included in several of our longer study programmes, is compulsory for students taking the security profile, and is also taken by many Master’s students, Erasmus students and others. The list below briefly describes the course content; a description of the course goals can be found on another page.
The lectures and all literature are in English.
Organisation
There are 12 two-hour lectures, two guest lectures, and a lab course that spans the entire course duration. Two two-hour coaching sessions are reserved for each lab group.
Contact information
Main lecturer:
Lecturers:
Ingemar Ragnemalm, Joakim Argillander
Examiner:
Teaching assistant:
Biometry lecturer:
Ingo Hölscher, LiU-IT
Legal lecturer:
Anna Süpke and Johannes Hassmund
Literature
The textbooks we use for this course are Computer Security: Principles and Practice, 3rd Edition and Ross Anderson: Security Engineering (Wiley, 2008). The second book is available online, free of charge, at the author’s homepage. We won’t use the book too much during the course so we recommend the online version.
Course plan
Lecture 1 | Brief history, terminology, measuring security | Guilherme | Ch 1, 25.5 |
Lecture 2 | Authentication, tokens, biometry | Ingo | Ch 15 |
Lecture 3 | Access control | Jonathan | Ch 4.1-4.2.2, 8.1-8.3, 9.2.1 |
Lecture 4 | Web security, penetration testing, lab preparation | Niklas | N/A |
Lecture 5 | Authentication, tokens, biometry (continued) | Ingo | Ch 15 |
Lecture 6 | Implementation examples and Virtualization | Guilherme | Ch 4.2.3, 4.2.5, 4.2.7, 4.2.9-4.2.10, 8.5 |
Lecture 7 | Database security and software security (briefly) | Guilherme | Ch 4.2.8, 4.4.1-4.4.2 |
Lecture 8 | Cryptography as a security tool | Jan-Åke | N/A |
Lecture 9 | Key management and trust, side channel attacks | Guilherme | N/A |
Lecture 10 | Legal perspectives on computer security | Anna and Johannes | N/A |
Lecture 11 | Communication and network security | Guilherme | Ch 21 |
Lecture 12 | Social engineering, New access control paradigms, DRM, the Cloud | Guilherme | N/A |
Guest lecture | See the Guest lectures section. |
Updated lecture slides appear on Lisam shortly after each lecture. Chapter references are to Ross Anderson: Security Engineering (Wiley, 2008).
Labs
The Lab PM will be available on Lisam in the second week of the course. The lab does not start until the end of the third week. More details will be given in Lecture 5 and in the Lab PM.
Guest lectures
These seminars are not a compulsory part of the course, but provide interesting insight into how security is used in industry.
Guest lecture 1: SAAB.
Date: 29th of November at 13:15
Location: A2
Guest lecture 2: Sectra Communications.
Title: Practical defense against nation state actors in OT environments
Date: 12th of December at 13:15
Location: A1
This lecture will take a deep dive into what it is like to work in a Security Operations Center (SOC) and what the day-to-day work looks like for a security analyst, a threat hunter and a detection engineer, and how they help secure critical infrastructure against large-scale attacks. We will also talk about the common attack behavior framework MITRE ATT&CK and why it is important to analyze behaviors rather than tools and IP addresses. Lastly, we will show a practical example of how an attack is detected and how it can be analyzed.
Examination
A written examination is given three times a year. See the central schedule for examinations. Previous exams can be found in Lisam.
The examination will contain questions ranging from merely repeating and explaining facts to drawing advanced conclusions from knowledge in the subject. In order to pass, a student should be able to repeat facts about basic principles and typical countermeasures, to understand the concepts used, and to identify relevant basic security concepts in simple situations. For higher grades, the student should be able to do more detailed analyses, to apply general concepts in more complex situations and to draw conclusions from this application of general principles. Knowledge of specific details in products and protocols, such as how to change permissions in UNIX, how to use an NSF log, etc., is not required.