Information must be protected for several reasons. Some information must be protected from eavesdroppers and some from unauthorized modification. Users must be authenticated and access to information must be controlled. At the same time, the number of Internet connected devices are increasing and so is the amount of information that we are able to access online. This course will give an introduction to the problems we are facing when designing security for computers, mobile devices and web applications. It will also give an overview of the solutions to these problems. The course focus will be on concepts and ideas, not on technical details. Still, the goal is to provide a good understanding of building blocks, attacks, and defenses. It is suitable for anyone that wants to have an increased general understanding of information security and how it affects the systems and products that we interact with in everyday life.
On completion of the course the student shall:
• Be able to discuss security aspects in an informed way
• Be able to understand design decisions related to security
• Be able to understand basic security principles on the Internet
• Be able to understand how security can be broken
• Be able to understand common ways of protecting computers and systems against attacks
• Be able to distinguish different security measures and explain where and why they are used
• Be able to understand how web accounts can be hijacked and how to protect against this
Principles for protecting stored and transmitted data
Security features in computers and applications
Security in electronic payment solutions
Security in Internet applications
Teaching and assessment
Teaching takes the form of lectures. Assessment is based on home exercises and written assignments. Students are awarded one of the following grades: Fail, Pass or Pass with Distinction.
Study period: Autumn semester, August - October