Babes-Bolyai University of Cluj-Napoca
Faculty of Mathematics and Computer Science
Study Cycle: Master
SUBJECT
| MID1028 | Computer System Security |
| Teaching Staff in Charge |
Assoc.Prof. ROBU Judit, Ph.D., robu cs.ubbcluj.ro |
| Aims |
|
By the end of the course students should:
– be familiar with the most common security terms and concepts – have a basic understanding of the most commonly used attack techniques and protection mechanisms – have gained basic insight into aspects of modern cryptography and its applications – appreciate the range of meanings that $security$ has across different applications |
| Content |
|
– Introduction to computer security. Basic concepts, threat models, common security goals.
– Cryptography and cryptographic protocols, including encryption, authentication, message authentication codes, hash functions, one-way functions, public-key cryptography, secure channels, zero knowledge in practice, cryptographic protocols and their integration into distributed systems, and other applications. – Software security. Secure software engineering, defensive programming, buffer overruns and other implementation flaws. Language-based security: analysis of code for security errors, safe languages, and sandboxing techniques. – Operating system security. Memory protection, access control, authorization, authenticating users, enforcement of security, security evaluation, trusted devices, digital rights management. – Network security. Firewalls, intrusion detection systems, DoS attacks and defense. Case studies: DNS, IPSec. – Malicious code analysis and defense. Worms, spyware, rootkits, botnets, etc., and defenses against them. – Web security. XSS attacks and defenses, etc. |
| References |
|
1. Dieter Gollmann: Computer Security, 2nd Edition (Wiley, 2006)
2. Ross Anderson: Security Engineering, 2nd Edition (Wiley, 2008) 3. Charles P. Pfleeger, Shari Lawrence Pfleeger: Security in Computing, 4th Edition (Prentice Hall, 2006) 4. Simon Singh: Kódkönyv. A rejtjelezés és rejtjelfejtés története, Park Könyvkiadó, 2001; în engleză: http://www.simonsingh.net/Shop_-_Crypto_CD-ROM.html |
| Assessment |
|
homeworks and seminar projects 60%
final exam 40% |
| Links: | Syllabus for all subjects Romanian version for this subject Rtf format for this subject |