 | | |
| INFO0045-3 | Introduction to computer security
|
|
| Durée : | 30h Th, 10h Pr, 8h Labo., 30h Proj. |
|
| Nombre de crédits : |
| Master en ingénieur civil électricien, à finalité approfondie, 2e année | | 5 |
|
| Master en ingénieur civil en informatique, à finalité approfondie, 1re année | | 5 |
|
| Master en sciences informatiques, à finalité approfondie, 1re année | | 5 |
|
| Master en ingénieur civil en informatique, à finalité spécialisée en gestion, 1re année | | 5 |
|
| Master en sciences informatiques, à finalité spécialisée en gestion, 1re année | | 5 |
|
| Master en sciences informatiques | | 5 |
|
|
|
| Nom du professeur : | Benoît Donnet |
|
Langue(s) du cours :
|
| Langue anglaise |
|
Organisation et évaluation :
|
| Enseignement au deuxième quadrimestre |
|
Contenus du cours :
|
| The course alternates theoretical lessons with practical ones. Three main themes tackled during the semester are: cryptography, networking, and system security. The course is organized as follows:
Part 1: Cryptography
- Chapter 1: Mathematics for Cryptography
- Chapter 2: Concepts
- Chapter 3: Symmetric Cryptography
- Chapter 4: Asymmetric Cryptography
- Chapter 5: Authentication
- Chapter 6: Key Distribution
Part 2: Networking
- Chapter 1: Firewalls
- Chapter 2: Proxies
- Chapter 3: Intrusion Detection Systems
- Chapter 4: Network Attacks
- Chapter 5: Spam
- Chapter 6: Virology
Part 3: System Security
- Chapter 1: Passwords
- Chapter 2: Exploits
- Chapter 3: Biometry
- Chapter 4: Access Control
|
|
Acquis d'apprentissage (objectifs d'apprentissage) du cours :
|
| The objective of this course is to provide a first vision of the computer security and raise students awareness of computers security.
At the end of the course, students will be able to:
- defend needs of protection and security
- identify advantages and drawbacks, in term of security, of a computer system
- expose fundamental principles in the set-to against computer criminality
- develop a computer-based solution to a security issue
In addition, each student will develop several practical skills related to computer security. Each student will be able to use cryptographic Java libraries. Further, he will be able to set up firewall and NAT policies through iptables. Finally, any student will have the opportunity to improve his English skills. |
|
Prérequis et corequis / Modules de cours optionnels recommandés :
|
| Each student is supposed to be able to program with a classic programming language (C - course INF0902 for CE students or course INFO2050 for CS students) and object oriented language (Java - course INFO0062).
In addition, the student must have a basic knowledge of networking (course INFO0010), operating systems (course INFO0940) and computation structures (course INFO0012).
To make easier laboratory sessions, each student should be familiar with a Unix environment (Linux, Mac OS X, Free BSD, OpenBSD). |
|
Activités d'apprentissage prévues et méthodes d'enseignement :
|
| In addition to theoretical courses, weekly exercises lessons are organized in order to illustrate the theoretical lessons.
Those lessons are organized in class, or in front of a computer in the algorithmic laboratory.
Several assignments will be proposed during the semester.
The course is entirely given in English |
|
Mode d'enseignement (présentiel ; enseignement à distance) :
|
| The course is given during the 2nd semester. Theoretical lessons are based on slides. The audience is supposed to actively participate to lessons and to take additional notes. If possible, one or several seminars will be organized, seminars in which professional in computer security will give a talk. |
|
Lectures recommandées ou obligatoires et notes de cours :
|
| Slides are available, in printed format, at the Centrale des Cours. An electronic version (i.e., PDF) is also available on the course web page. Exercises are also available on the web page. Students are supposed to have, before each lesson, the slides and exercises.
None book is mandatory. However, for students willing to go further, those books might be a good starting point:
- M. T. Goodrich, R. Tamassia. "Introduction to Computer Security". Person Ed., International Edition. 2010.
- Wm. A. Conklin, G. G. White, C. Cothren, D. Williams, R. L. Davis. "Principles of Computer Secrutiy. Security+ and Beyond". Mc Graw Hill Higher Eduction Ed. 2004.
- W. Stallings. "Computer Security: Principles and Practice". Prentice Hall Ed. 2011.
- W. Stallings. "Cryptography and Network Security: Principles and Practice". Pearson Ed., International Edition. 2010.
- G. Avoine, P. Junod, P. Oechslin. "Computer System Security". EPFL Press. 2007.
- D. Vergnaud. "Exercices et Problèmes de Cryptographie". Editions Dunod. 2012.
- W. Du. "SEED: A Suite of Instructional Laboratories for Computer SEcurity EDucation". Syracuse University. 2011.
|
|
Modalités d'évaluation et critères :
|
| Students are graded in two ways: assignments and exam.
Assignments
During the semester, students will have to do three assignments. Those assignments must be done by group of two (you cannot change the groups between assignments).
There will be three assignments. The first assignment is about Cryptography (learning objective: Java cryptographic libraries, implementation of security protocols). This assignment counts for 10% of the final grade.
The second assignment is about networking (NATs and firewalls configuration through iptables). This assignment counts for 15% of the final grade.
In the third assignment, each group is required to give a 5 minute short presentation (+ 5min Q/A -- all in English) on recent information security related news published online (or in classic newspapers) after September, 15th, 2014. The score will be given based on (1) the relevance of the news to the course; and (2) the cogency of the presentation. This assignment counts for 5% of the final grade.
All in all, assignments count for 30% of the final grade.
Exam
The exam, in June, is mandatory and made of two parts
- Written Exam. It is about the practical part of the course (i.e., exercises). The exam lasts 4 hours (but normally, 3 hours should be enough). It counts for 20% of the final grade.
- Oral Exam. It is about the theoretical part of the course. Any student randomly selects one question and prepares its answer on the board. It counts for 50% of the final grade.
The exam (both written and oral) is done during the June session. In case of failure, any student can do a resit (for both written and oral) during the August session. Assignments (except if an exemption is given) should also be redone during the summer but, in this case, individually (the deadline will be the 1st day of the resit session). No support (Q/A sessions, explanations) will be provided, for the assignments, during the summer. |
|
Stage(s) :
|
| |
|
Remarques organisationnelles :
|
| Course web site: http://www.montefiore.ulg.ac.be/~bdonnet/info0045 |
|
Contacts :
|
| Teacher: Benoit Donnet (email(benoit.donnet@ulg.ac.be) -- Office 1.15 (B28)
)
TA: Yves Vanaubel |
|
|
| |
