- Student Records
Programme & Unit Catalogues


CM50209: Security and integrity

Follow this link for further information on academic years Academic Year: 2012/3
Follow this link for further information on owning departmentsOwning Department/School: Department of Computer Science
Follow this link for further information on credits Credits: 6
Follow this link for further information on unit levels Level: Masters UG & PG (FHEQ level 7)
Follow this link for further information on period slots Period: Semester 2
Follow this link for further information on unit assessment Assessment: CW 100%
Follow this link for further information on supplementary assessment Supplementary Assessment: CM50209 Mandatory Extra Work (where allowed by programme regulations)
Follow this link for further information on unit rules Requisites:
Follow this link for further information on unit content Description: Aims:
(a) To develop an understanding of the difficulties of security - everyone wants it but no-one can define it.
(b) To develop the ability to analyse the security threats to a proposed design.
(c) To develop the ability to propose realistic counter-measures, where available.

Learning Outcomes:
After taking this unit, the student should be able to:
(1) describe common security models;
(2) discuss what it means for a given system to be 'secure';
(3) identify security weaknesses in proposed systems.

Skills:
Critical thinking (F, A). Defensive analysis and programming (T, F, A).

Content:
Philosophical, legal, ethical issues. What is a person? Passwords, user ids and biometrics. What are authorisation and delegation? What are data? Security against theft, destruction, interception, tampering. Some thoughts on physical security. Data Protection Act, Freedom of Information Act, Regulatory and Investigatory Powers Act. Military/government requirements for security.
Security within a computer. Hardware support for security: states and memory protection. memory mapping, virtual memory and security. The Unix Security model: chown, chgrp, setuid and chroot. Strengths and weaknesses of the Unix security model: common attacks.
The Multics security model. Capabilities.
Security within Databases. Protection against loss - two-phase commit. Protection against statistical queries: Denning's model.
Security within networks. 'Man in the middle' attacks. What does the 's' in https signify?
Case studies: Internet worm. Power attacks and other covert channels. A chain can be weaker than its weakest link: the Crouch-Davenport attack.
Follow this link for further information on programme availabilityProgramme availability:

CM50209 is Compulsory on the following programmes:

Department of Computer Science
  • USCM-AFM14 : MComp (hons) Computer Science and Mathematics (Full-time) - Year 4
  • USCM-AKM14 : MComp (hons) Computer Science and Mathematics with Industrial Placement (Full-time with Thick Sandwich Placement) - Year 5
  • USCM-AAM14 : MComp (hons) Computer Science and Mathematics with Study Year Abroad (Full-time with Study Year Abroad) - Year 5
  • TSCM-AFM23 : MSc Internet Systems and Security (Full-time)
  • TSCM-AFM27 : MSc Internet Systems and Security (Full-time)

CM50209 is Optional on the following programmes:

Department of Computer Science
  • RSCM-AFD02 : Doctor of Engineering (EngD) in Digital Media (Full-time)
  • USCM-AFM01 : MComp (hons) Computer Science (Full-time) - Year 4
  • USCM-AKM02 : MComp (hons) Computer Science (Full-time with Thick Sandwich Placement) - Year 5
  • USCM-AAM02 : MComp (hons) Computer Science with Study Year Abroad (Full-time with Study Year Abroad) - Year 5
  • TSCM-AFM19 : MSc Human Computer Interaction (Full-time)
  • TSCM-AFM25 : MSc Human Computer Interaction (Full-time)
  • TSCM-AFM21 : MSc Software Systems (Full-time)
  • TSCM-AFM29 : MSc Software Systems (Full-time)

Notes:
* This unit catalogue is applicable for the 2012/13 academic year only. Students continuing their studies into 2013/14 and beyond should not assume that this unit will be available in future years in the format displayed here for 2012/13.
* Programmes and units are subject to change at any time, in accordance with normal University procedures.
* Availability of units will be subject to constraints such as staff availability, minimum and maximum group sizes, and timetabling factors as well as a student's ability to meet any pre-requisite rules.