Module title: e-Security (D/L)

SCQF level: 11:
SCQF credit value: 20.00
ECTS credit value: 10

Module code: CSN11117
Module leader: Bill Buchanan
School School of Computing
Subject area group: Cyber Security and Networking
Prerequisites

N/A

2019/0, Trimester 2, ONLINE, Edinburgh Napier University
Occurrence: 001
Primary mode of delivery: ONLINE
Location of delivery: MERCHISTON
Partner: Edinburgh Napier University
Member of staff responsible for delivering module: Bill Buchanan
Module Organiser:


Learning, Teaching and Assessment (LTA) Approach:
Learning and teaching methods including their alignment to LOs
The lecture material will present the fundamental areas of the module, along with practical demonstrations, and will be assessed through Class Test 1 [LO1 & 2], Class Test 2 [All LOs] and a coursework assessment [LO3]. A range of web-based applications has also been developed to show complex methods.
Students interested in network security can download the simulator software (NetworkSims) at the start of the module, along with an e-Book, teaching pack, Network Security 1 challenges, and so on. Full online support is integrated in the simulator. The package also contains tests, stimulating challenges, demonstration movies, and automated updates. It contains a completely managed learning environment, where the students can track their performance.
Students interested in .NET Security will be able to download a range of software solutions which illustrate key concepts.
Online support is given through email.
Assessment (formative and summative)
There will be different methods of assessment:
* Coursework [40%]: this will cover LO3 and will be released early in the trimester. Students will be asked to do a literature review on an important security topic and then design, implement and evaluate their own solution. The deadline will be at the end of the trimester.
* Class test [30%]: this is aligned to LO1 and LO2 and will consist of short answer questions. The questions will be a mix of both describing and critically analysing key security or cryptographic concepts. The test will be in-class and will take place at around mid-point of the trimester.
* Class test [30%]: this class test will consist of short answer questions covering all LOs of the module.

Formative Assessment:
The University is currently undertaking work to improve the quality of information provided on methods of assessment and feedback. Please refer to the section on Learning and Teaching Approaches above for further information about this module’s learning, teaching and assessment practices, including formative and summative approaches.

Summative Assessment:
The University is currently undertaking work to improve the quality of information provided on methods of assessment and feedback. Please refer to the section on Learning and Teaching Approaches above for further information about this module’s learning, teaching and assessment practices, including formative and summative approaches.

Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)
Online Lecture 26
Online Practical classes and workshops 26
Independent Learning Guided independent study 148
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words
Practical Skills Assessment 40 1 & 2 12 HOURS= 40, WORDS= 0
Digital Examination (not Centrally Timetabled) 30 3 9 HOURS= 1.5, WORDS= 0
Digital Examination (not Centrally Timetabled) 30 1,2,3 15 HOURS= 2, WORDS= 0
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100

Description of module content:

The focus of this module is to provide a core understanding of the fundamental areas of cryptography and
host-based security. It focuses on two core areas:
Cryptography:
- Cryptography Fundamentals (GCD, Elliptic Curve, etc).
- Asymmetric Key Encryption. Including RSA and Elliptic Curve.
- Symmetric Key Encryption. Including AES and associated modes.
- Hashing and MAC Methods. Including MD5, SHA-1, SHA-256, SHA-3 and PBKDF2.
- Tunnelling. SSL/TLS, IPSec.
- Trust Infrastructures. Digital Certificates, Key Distribution Centres (Kerberos), Identity and role
integration (Key pair identity, multi-factor, biometrics).
- Key Exchange. Diffie-Hellman Method, ECDH.
- Blockchain, Distributed Ledgers and Cryptocurrency. Ethereum, Smart Contracts, Data
Tokenization.,Transactions.
- Future cryptography: Zero Knowledge Proof, Homomorphic Encryption, Light-weight cryptography,
Quantum robust methods.
Host-based integration with domain infrastructures:
- Practical authentication methods (Linux/Windows).
- Host data analysis using data analysis tools.
- Host and domain system rights. Active Directory. Log integration and rights.
- Security auditing best-practice for hosts. Active patch management. Risk assessments.

Learning Outcomes for module:

Upon completion of this module you will be able to:

LO1: Demonstrate advanced knowledge of key security principles and how these are implemented across software systems, network abstraction layers and hardware.

LO2: Explain and demonstrate a critical understanding of specific cryptographic algorithms and cryptosystems.

LO3: Implement, critically analyse and evaluate fundamental areas related to security, including current literature.

Indicative References and Reading List - URL:
Contact your module leader