CSE-C3400 Information security
Welcome to the course!
Tuomas Aura
CSE-C3400 Information security
Aalto University, autumn 2015
Goals
  Learn the key concepts and abstractions of information security
  Understand the purpose and function of several security technologies, as well as their limitations
    e.g. security policies, authentication, access control, cryptography, network security
  Be able to model threats and analyze the security of a system critically, from the viewpoint of an attacker
  Have some hands-on experience of security flaws in software
  Learn the adversarial mindset of security engineering
  Starting point for learning more
My background
  Lecturer: Tuomas Aura
    Professor at Aalto 2008–
    Microsoft Research, UK, 2001–2009
    PhD from Helsinki University of Technology in 2000
  Research areas:
    Security analysis of new technologies
    Security for ubiquitous computing, e.g. displays
    Security protocol engineering
    Network protocol security, DoS resistance
    Security without expensive infrastructure
    Privacy of mobile users
    Security of mobility protocols (Mobile IPv6, SEND, etc.)
Lectures
  Lecturer: Tuomas Aura
  12 lectures in Sep-Oct 2015
    Tuesdays 14:15-14 TU1 (TUAS building)
    Thursdays 14:15-16 AS1 (TUAS building)
  Attendance not mandatory but some material will only be covered in the lectures
  Lecture slides published in Noppa after each lecture
    Published slides include some additional pages not covered in the lectures
  No tutorial or exercise sessions to attend
T-110.2100 Introduction to Data Communications, spring 2010
Weekly exercises
  Goal: broadening the scope of the course with hands-on experience especially in software security
    Different from the content covered in the lectures and exam
  6 exercise rounds, first round on second lecture week, last round on exam week
  Exercise problems in My Courses by Sunday each week (first round on 13 September 2015)
  Deadline one week later on Monday at 12:00 noon
  Reports to be returned to Rubyric
  Course assistants: Sanna Suoranta, Thanh Bui, Sid Rao, Debopam Bhattacherjee, Andi Bidaj
  Course assistants available for advice in the Playroom: Tuesdays, Wednesdays and Thursdays at 16:15-18 in room A120
Advice for the exercises
  Programming skills are a prerequisite for this course
  Try to solve all problems at least partly
  Each exercise round has (a) and (b) parts, each worth 5 points. If you find the exercises hard, try to do the (a) part in every round as well as you can!
  Individual work: It is ok to discuss with other students but do not copy or even read the written solutions of other students. Do all practical experiments independently
  If you quote any text written by someone else, mark it clearly as a "quotation" and give the source, e.g. [RFC 1234, section 5.6.7]
Assessment
  Examination Thu 22 Oct 2015
    Remember to register for the exam two weeks earlier!
  Examination scope: lectures, recommended reading material, exercises, general knowledge of the topic area
  Marking:
    exam max. 30 points
    exercises max 6 x 10 = 60 points
    grading based on total points = exam + roundup(exercises / 5) (total max 30+12=42 points)
  Exercises are not mandatory but strongly recommended
    Try to do at least the (a) part of each exercise round. If you find the workload too high, not doing the (b) parts will cost some points, but you should still be able to pass the course
  Course feedback is mandatory
Approximate course contents
  Computer security overview
  Access control models and policies
  Operating system security
  Cryptography
  User authentication
  Threat analysis
  Certificates and network security
  Data encryption
  Identity management
  Privacy
  Payment systems
  Current topics
  Subject to change
Recommended reading
  Dieter Gollmann, Computer Security, 3rd ed., 2011 (easy-to-read overview)
  Ross Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd ed., 2008 (fun real-life stories)
  Matt Bishop, Introduction to computer security, 2004/2005 (for prospective research students)
Course development
  2014 feedback
    Students liked the hands-on exercises, helpful course assistants, lectures, threat analysis
    Some found the exercises hard (take lots of time, require programming skills) – that is why we now have the (a) and (b) parts
    Too hard to install Linux and Windows in VM for the first exercise round
    Exercise server down – we were lucky last year with few outages, but the lecturer and CSC caused some
    Not all material covered in the lectures – true, I always have many extra slides and don’t know what exactly can be covered
    Some ask for the lecture slides in advance – sorry, I make last minute changes
    Some have taken a course on security before and don’t learn much new (typically exchange students or double-degree students)
    Access control models are boring – abstractions will be useful later in your career but, to be honest, we start with the boring stuff to reduce the student numbers
  New in 2015
    >260 registered students, big challenge to run the exercises smoothly, please be patient and the course alias if the server is down!
    Major and minor updates to the lectures