Module title: e-Security

SCQF level: 11:
SCQF credit value: 20.00
ECTS credit value: 10

Module code: CSN11102
Module leader: Bill Buchanan
School School of Computing
Subject area group: Computer Systems
Prerequisites

N/A

2018/9, Trimester 2, FACE-TO-FACE, Edinburgh Napier University
Occurrence: 001
Primary mode of delivery: FACE-TO-FACE
Location of delivery: MERCHISTON
Partner: Edinburgh Napier University
Member of staff responsible for delivering module: Bill Buchanan
Module Organiser:


Learning, Teaching and Assessment (LTA) Approach:
Learning and Teaching Methods Including Their Alignment to LOs
The lecture material will present the fundamental areas of the module, along with practical demonstrations, and will be assessed through Class Test 1 [LO1 & 2], Class Test 2 [All LOs] and a coursework assessment [LO3]. A range of web-based applications has also been developed to show complex methods.
Students interested in network security can download the simulator software (NetworkSims) at the start of the module, along with an e-Book, teaching pack, Network Security 1 challenges, and so on. Full online support is integrated in the simulator. The package also contains tests, stimulating challenges, demonstration movies, and automated updates. It contains a completely managed learning environment, where the students can track their performance.
Students interested in .NET Security will be able to download a range of software solutions which illustrate key concepts.
Online support is given through email.


Formative Assessment:
Assessment (formative and summative)
There will be different methods of assessment:
● Coursework [40%]: this will cover LO3 and will be released early in the trimester. Students will be asked to do a literature review on an important security topic and then design, implement and evaluate their own solution. The deadline will be at the end of the trimester.


Summative Assessment:
● Class test [30%]: this is aligned to LO1 and LO2 and will consist of short answer questions. The questions will be a mix of both describing and critically analysing key security or cryptographic concepts. The test will be in-class and will take place at around the mid-point of the trimester.
● Class test [30%]: this class test will consist of short answer questions covering all LOs of the module.


Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)
Face To Face Lecture 26
Face To Face Practical classes and workshops 26
Independent Learning Guided independent study 148
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words
Practical Skills Assessment 40 1,2 15 HOURS= 40, WORDS= 0
Class Test 30 3 10 HOURS= 1, WORDS= 0
Class Test 30 1,2 & 3 14 HOURS= 1, WORDS= 0
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100

Description of module content:

The focus of this module is to provide a core understanding of the fundamental areas of cryptography and host-based security. It focuses on two core areas:

Cryptography:
- Cryptography Fundamentals (GCD, Elliptic Curve, etc).
- Asymmetric Key Encryption. Including RSA and Elliptic Curve.
- Symmetric Key Encryption. Including AES and associated modes.
- Hashing and MAC Methods. Including MD5, SHA-1, SHA-256, SHA-3 and PBKDF2.
- Tunnelling. SSL/TLS, IPSec.
- Trust Infrastructures. Digital Certificates, Key Distribution Centres (Kerberos), Identity and role integration (Key pair identity, multi-factor, biometrics).
- Key Exchange. Diffie-Hellman Method, ECDH.
- Blockchain, Distributed Ledgers and Cryptocurrency. Ethereum, Smart Contracts, Data Tokenization.,Transactions.
- Future cryptography: Zero Knowledge Proof, Homomorphic Encryption, Light-weight cryptography, Quantum robust methods.

Host-based integration with domain infrastructures:
- Practical authentication methods (Linux/Windows).
- Host data analysis using data analysis tools.
- Host and domain system rights. Active Directory. Log integration and rights.
- Security auditing best-practice for hosts. Active patch management. Risk assessments.

Learning Outcomes for module:

Upon completion of this module you will be able to:

LO1: Demonstrate advanced knowledge of key security principles and how these are implemented across software systems, network abstraction layers and hardware

LO2: Explain, and demonstrate a critical understanding of, specific cryptographic algorithms and cryptosystems

LO3: Implement, critically analyse and evaluate fundamental areas related to security, including current literature.

Indicative References and Reading List - URL:

Core - KIZZA, JOSEPH MIGGA (2013) A GUIDE TO COMPUTER NETWORK SECURITY: SPRINGER, 2nd ed. - ISBN: 9781849968
Core - BUCHANAN WJ (2008) INTRODUCTION TO SECURITY AND NETWORK FORENSICS: AUERBACH PUBLISHERS INC, 1st ed. - ISBN: 978084933568
Core - NIELS FERGUSON, BRUCE SCHNEIER (2003) PRACTICAL CRYPTOGRAPHY: WILEY, 1st ed. - ISBN: 9780471223
Click here to view the LibrarySearch.