IT-Universitetet i København
  Tilbage Kursusoversigt
Kursusnavn (dansk):Security, BSc 
Kursusnavn (engelsk):Security, BSc 
Semester:Forår 2019 
Udbydes under:Bachelor i softwareudvikling (bswu) 
Omfang i ECTS:7,50 
Min. antal deltagere:15 
Forventet antal deltagere:
Maks. antal deltagere:68 
Formelle forudsætninger:Before taking this course you must: 

1. be familiar with computer networks 
2. be superficially familiar with scripting languages 
3. be familiar with the SQL query language 
4. know basic algorithms and data structures 
5. have implemented at least two medium-size programming projects (7.5 ECTS each) 
6. be able to design, implement, and test medium-sized programs in Java or C# or other mainstream languages. 
7. be familiar with basic discrete mathematics 

Fourth-semester BSWU students fulfil these requirements. Otherwise, individual requirements can be satisfied by taking the BSWU courses: (1) Mobile and Distributed systems, (3) Introduction to Database Design, (4) Algorithms and Data Structures, (5,6) Analysis, Design and Software Architecture, (7) Foundations of Computing - Discrete Mathematics. 

The student must always meet the admission requirements of the IT University. 
Moreover the student must always meet the admission requirements of the IT University. 
Læringsmål:After the course students should be able to:
• Identify, list, and discuss major principles of IT security
• Apply and relate those principles to the securing of networked server installations
• List and analyse standard attacks, especially on web applications in particular
• Describe and explain intrusion detection
• Identify, list, and explain common security pitfalls of web applications
• Identify, describe and explain basic computer forensics techniques
• Identify and describe the proper use of cryptography in security
• Analyse an IT-system for security risks and reflect on potential improvements of the system 
Fagligt indhold:The course addresses five major topics: 

* The principal security requirements and attacker models 
* The fundamental cryptographic tools in Information Security 
* Primary security protocols and Internet standards (PKI, TLS) 
* Practical techniques for penetrating and hardening IT-systems 
* Computer forensic techniques  

14 weeks of teaching consisting of lectures and exercises. Please note that the "Computer networks" lecture is not part of this course.
Coursework takes the following forms.

• Lectures introducing & discussing concepts.
• Exercises (self-study)
• Experimental lab work (self-study)
• Project work

Most weeks will have lectures, exercises and lab work. Lectures will introduce concepts, paving the way for exercises and lab work. You are expected to complete the exercises by yourself. In lab work, you will carry out experiments in order to better understand the motivation and methods for secure implementation and configuration of IT systems and to assess the effectivity and impact of security measures. The experiments will be based on an extensive script and virtual machines that include example applications, questions, and answers.

Some weeks—in particular during project and review—you are expected to be work independently; there are no lectures or exercise classes. However, TAs have office hours 3 times a week, where you can come and ask any question you might have, and we expect to use the learnit forums extensively for questions and answers.

Finally, you will also complete (in groups) a project:

• Based on a set of functional requirements, you will design and implement a prototypical IT system.
• You will conduct a security analysis and devise appropriate security measures for this system.
• You will then swap systems with another group, and carry out a security review of this other group's system.


Information about study structure

For students admitted from Autumn 2014 and later this course is part of the SDT AC track mandatory modules. For SDT DE track the course is part of the specialisation in Web Systems 

Obligatoriske aktivititer:To be eligible for the examination, you must: 

1. You must submit and have approved 2 mandatory exercise sets. 
2. You must submit and have approved 3 mini-projects. 
3. You must be present and participate actively in the course conclusion workshop. 

All deadlines will be announced on the course page on LearnIT. Note that peergrade assignments are not considered approved unless you have both submitted yourself, as well as submitted feedback for at least two other assignments. 

Be aware: The student will receive the grade NA (not approved) at the ordinary exam if the mandatory activities are not approved and the student will use an exam attempt 
Eksamensform og -beskrivelse:A11: Skriftlig eksamen (stedprøve) med adgang til internet, skriftlige og trykte hjælpemidler., (7-scale, external exam)

Exam questions will contain a sub-section on "Binary exploits and malicious code" not in the corresponding MSc exam.
The duration of the written examination is 4 hours.  

Følgende personer underviser på kurset:
NavnStillingUndervisertypeIndsats (%)
Søren Debois Lektor, Linjeleder(ITU) Underviser 35
Rosario Giustolisi Adjunkt(ITU) Kursusansvarlig 65
Frederik Madsen Videnskabelig assistent(ITU) Underviser 0
Emma Arfelt Kock Hjælpelærer(ITU) Hjælpelærer 0
Emil Christian Hørning Hjælpelærer(ITU) Hjælpelærer 0