Description of Course Unit: Computer Systems Security
| Code: | EIC0072 | Acronym: | SSIN |
| Keywords | |
|---|---|
| Classification | Keyword |
| OFICIAL | Operating Systems and Networks |
Instance: 2017/2018 - 2S 
| Active? | Yes |
| Web Page: | |
| Responsible unit: | Department of Informatics Engineering |
| Curso/CE Responsável: | Master in Informatics and Computing Engineering |
Study cycles/ courses
| Acronym | No. of students | Study Plan | Curricular Years | Credits UCN | Credits ECTS | Contact hours | Total Time |
|---|---|---|---|---|---|---|---|
| MIEIC | 32 | Plano de estudos a partir de 2009/10 | 4 | - | 6 | 42 | 162 |
Teaching - Hours
| Recitations: | 3,00 |
| Type | Teacher | Classes | Hour |
|---|---|---|---|
| Recitations | Totals | 2 | 6,00 |
| José Manuel de Magalhães Cruz | 3,00 | ||
| António Miguel Pontes Pimenta Monteiro | 3,00 |
Changed fields: Teaching methods and learning activities, Fórmula de cálculo da classificação final, Provas e trabalhos especiais, Avaliação especial, Melhoria de classificação, Bibliografia Complementar, Observações, Componentes de Avaliação e Ocupação, Palavras Chave, Bibliografia Obrigatória, Programa
Teaching language
EnglishObjectives
This Course aims the study of IT security systems, in order to provide students with a basic understanding of the concepts and of the threats and defenses to the misuse and operational destruction of these systems.
Learning outcomes and competences
At the end of this course unit, the students that have passed should be able to: - describe the security fundamentals of computer systems; - specify a security policy for a typical computer system and select the adequate mechanisms for enforcing the policy and for verifying its compliance; - analise a typical communication channel and identify its associated main protection levels or the ones that should be in use; - study, program and operate some security devices and tecniques in real situations.
Working method
PresencialPre-requirements (prior knowledge) and co-requirements (common knowledge)
Basic knowledge of programming, networks, operating systems and distributed systems.
Programme
1. Fundamental concepts.
2. Secure coding
3. Cryptography
4. OS security, policies and trusted computing
5. Distributed systems security
6. Web security
Practical classes: Practical aspects in networks, systems and in
programming.
Mandatory literature
William Stallings, Lawrie Brown; Computer Security: Principles and Practice, 4th Edition, Pearson, 2018. ISBN: 9780134794105Seacord Robert C.; Secure coding in C and C++. ISBN: 0-321-33572-4
Complementary Bibliography
Bishop Matt; Introduction to Computer Security. ISBN: 0-321-24744-2Fred Long, Dhruv Mohindra, et al; The CERT Oracle Secure Coding Standard for Java, Pearson, 2012. ISBN: 978-0-321-80395-5
Justin Richer, Antonio Sanso; OAuth 2.0 in Action, Manning, 2017. ISBN: 9781617293276
Teaching methods and learning activities
The classes will consist of the exposition and discussion of contents,
followed by the presentation of examples and complemented with periods of
search and study of techniques and case studies published in the literature and
in the Web.
Practical classes for solving problems with coding, relative to concrete
scenarios.
Presentation, by the students, of specific topics illustrating the security
issues studied and materialised on the proposed mini projects.
Keywords
Technological sciences > Technology > Information technology > Security technologyType of assessment
Distributed evaluation with final examAssessment Components
| Designation | Peso (%) |
|---|---|
| Exame | 50,00 |
| Trabalho escrito | 40,00 |
| Trabalho laboratorial | 10,00 |
| Total: | 100,00 |
Amount of time allocated to each course unit
| Designation | Time (Hours) |
|---|---|
| Elaboração de projeto | 40,00 |
| Estudo autónomo | 60,00 |
| Frequência das aulas | 34,50 |
| Trabalho laboratorial | 27,50 |
| Total: | 162,00 |
Eligibility for exams
As specified in the current FEUP's General Evaluation Rules.
Calculation formula of final grade
0,5 F + 0,5 E = 0,4 P + 0,1 L + 0,5 E where: F - distributed evaluation's grade E - written exam's grade P - mini project's grade L -lab grade (1 report)
Examinations
All through the course unit, the students are encouraged to make a set of lab exercises. Also along the course, groups of students should perform a mini project specified in more detail in a separate document. These mini projects include: the study and planning of the assigned topic, the development of the theme out of classes' hours and the presentation of the final product in the final classes. The mini projects' themes and their assignment to the students will be validated by the teacher; members of the same group may have a different classification in this item, due to inequivocal differences of contribution in the global effort.
Special assessment (TE, DA, ...)
All components of evaluation apply to all students, whatever their enrollment type is, because a regular presence in the classroom is not required. The special examinations allowed by law consist of a written test identical to the exam in the normal evaluation period and the implementation of a mini project similar to those offered in the semester. The theme and the development time will be settled and presented to the student. The final grade is calculated by the following formula: 0,4 P + 0,6 E where: P - grade of mini project E - grade of written exam
Classification improvement
Classification improvement is possible, by choice of the student, in the component of the written test and the mini project. The written test will be identical to the exam in the normal evaluation period; a new mini project, similar to those offered in the semester, can be performed and presented in the next occurrence. The theme of the new mini project and its development time will be similar to the ones of the last occurrence. The final grade is calculated by the following formula: 0,4 P + 0,6 E where: P - grade of (new or previous) mini project E - grade of (new or previous) written exam
Observations
Pre-requirements: basic knowledge of programming, networks, operating systems and distributed systems. All examinations are individual, written, with no personal documentation allowed for consultation; the final presentation of the mini project's results is presential; the mini-test has a duration of 30 minutes, all written exams have a duration of 2 hours. Important comment: the student who shows dishonest academic behavior will be reported to the Director.