Module title: e-Security

SCQF level: 11:
SCQF credit value: 20.00
ECTS credit value: 10

Module code: CSN11102
Module leader: Bill Buchanan
School School of Computing
Subject area group: Computer Systems
Prerequisites

N/A

2018/9, Trimester 2, Face-to-Face, Edinburgh Napier University
Occurrence: 001
Primary mode of delivery: Face-to-Face
Location of delivery: MERCHISTON
Partner: Edinburgh Napier University
Member of staff responsible for delivering module: Bill Buchanan
Module Organiser:


Learning, Teaching and Assessment (LTA) Approach:
Learning and Teaching Methods Including Their Alignment to LOs
The lecture material will present the fundamental areas of the module, along with practical demonstrations, and will be assessed through Class Test 1 [LO1 & 2], Class Test 2 [All LOs] and a coursework assessment [LO3]. A range of web-based applications has also been developed to show complex methods.
Students interested in network security can download the simulator software (NetworkSims) at the start of the module, along with an e-Book, teaching pack, Network Security 1 challenges, and so on. Full online support is integrated in the simulator. The package also contains tests, stimulating challenges, demonstration movies, and automated updates. It contains a completely managed learning environment, where the students can track their performance.
Students interested in .NET Security will be able to download a range of software solutions which illustrate key concepts.
Online support is given through email.
Assessment (formative and summative)
There will be different methods of assessment:
● Coursework [40%]: this will cover LO3 and will be released early in the trimester. Students will be asked to do a literature review on an important security topic and then design, implement and evaluate their own solution. The deadline will be at the end of the trimester.
● Class test [30%]: this is aligned to LO1 and LO2 and will consist of short answer questions. The questions will be a mix of both describing and critically analysing key security or cryptographic concepts. The test will be in-class and will take place at around the mid-point of the trimester.
● Class test [30%]: this class test will consist of short answer questions covering all LOs of the module.


Formative Assessment:
The University is currently undertaking work to improve the quality of information provided on methods of assessment and feedback. Please refer to the section on Learning and Teaching Approaches above for further information about this module’s learning, teaching and assessment practices, including formative and summative approaches.

Summative Assessment:
The University is currently undertaking work to improve the quality of information provided on methods of assessment and feedback. Please refer to the section on Learning and Teaching Approaches above for further information about this module’s learning, teaching and assessment practices, including formative and summative approaches.

Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)
Face To Face Lecture 26
Face To Face Practical classes and workshops 26
Independent Learning Guided independent study 148
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words
Practical Skills Assessment 40 1,2 15 HOURS= 40, WORDS= 0
Class Test 30 3 10 HOURS= 1, WORDS= 0
Class Test 30 1,2 & 3 14 HOURS= 1, WORDS= 0
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100

Description of module content:

The aim of the module is to develop a deep understanding of advanced areas related to security that will allow graduates to act professionally in the design, analysis, implementation, evaluation, and reporting of security strategies. An outline of the main areas includes:

? Security Threats, Secure Infrastructures, Threat Detection.

? Encryption Techniques, Algorithms, Key Management and Exchange Methods, Weaknesses.

? Authentication methods.

? Message hash (MD5, SHA), Digital Signatures, and Digital certificates, MAC methods, Biometrics, Claims-based Identity, Multi-factor authentication, Kerberos.

? Advanced Secure communications and crypto-systems such as SSL

? Intrusion Detection Systems: Techniques applied IDS using Snort, Distributed/Agent-based, Signature/ Anomaly detection and current research.

? Security in Network Architectures: Overview of interconnected security systems, Domain infrastructures, OS/Web Stacks, Password Security, Identity Infrastructures, Backups/File Synchronisation, Web/Data Infrastructures.

? Software security: .NET framework security, Obfuscation, Role-based security, bugs vs vulnerabilities vs exploits, malware, software threats, compiled v interpreted languages, Run-time Environments, Sandboxing, Trusted Computing, Software Security Compliance Testing, Secure Coding, good practice.

* Wireless Security: Layered security and wireless protocols, Encryption/Authentication Infrastructures, Challenge-based protocols, Wireless Cyber Threats and Mitigation (such as DoS, Attack Vectors, and MITM).

Learning Outcomes for module:

Upon completion of this module you will be able to:

LO1: Demonstrate advanced knowledge of key security principles and how these are implemented across software systems, network abstraction layers and hardware

LO2: Explain, and demonstrate a critical understanding of, specific cryptographic algorithms and cryptosystems

LO3: Implement, critically analyse and evaluate fundamental areas related to security, including current literature.

Indicative References and Reading List - URL:

Core - KIZZA, JOSEPH MIGGA (2013) A GUIDE TO COMPUTER NETWORK SECURITY: SPRINGER, 2nd ed. - ISBN: 9781849968
Core - BUCHANAN WJ (2008) INTRODUCTION TO SECURITY AND NETWORK FORENSICS: AUERBACH PUBLISHERS INC, 1st ed. - ISBN: 978084933568
Core - NIELS FERGUSON, BRUCE SCHNEIER (2003) PRACTICAL CRYPTOGRAPHY: WILEY, 1st ed. - ISBN: 9780471223
Click here to view the LibrarySearch.