Learning outcomes

The course introduces the various aspects of the security of a computer system:

  • methodological approach: risk based approach, threat modeling, attack trees
  • cryptography, authentication protocols, access control models
  • evaluation of the security of a system, elaboration of a security plan, in a layered approach

Goals

The objective of the course is first to make students aware of the need to integrate the security dimension into their approach to IT. It then seeks to give a global view of the security of the information system by examining each of its components in turn and asking which threats and countermeasures apply at each level. The ultimate objective is to equip the student to define a security plan based on a risk analysis.

Content

The course includes the following modules:
  • Risk management
  • Elements of cryptography
  • Authentication protocols
  • Access control models and authorization management
  • Infrastructure security
  • Operating system security
  • Security and software development

Exercises

During the practical sessions, the student is placed in a situation where they must analyse a system in order to discover, identify and exploit security flaws. In addition, in a more guided way, different types of attacks can be performed and tested using an existing tool.

Assessment method

The final grade includes the assessment of the course outcomes through the examination, as well as the assessment of the practical work, for which participation is compulsory.
 
The marks are weighted in the following proportions: 60% for the examination, 40% for the assignments. However, failure in the examination automatically results in failure of the course.
 
In the first session, the exam is written; it consists of short questions covering the whole subject, and a case study in which you have to carry out a risk analysis based on a case and propose a complete and detailed action plan. This is a similar exercise to the one carried out together in the chapter on risk analysis. The aim is to test your knowledge and skills as well as your reasoning ability.
 
In the second session, the exam is oral; it also includes a case study, as well as one or more supplementary questions targeting a more precise point of the subject. Time is allowed for preparation to solve the case to be analysed. The grade of the assignment is automatically carried over if it is higher than 10. If not, a specific question is added to the oral exam.
 
In general, what is expected of you at the end of the course is to be able to mobilise the tools and approaches seen in the course to respond to a concrete situation. You can therefore expect to perform a summary risk analysis on the basis of a case, and to propose appropriate solutions, which may fall under any of the different chapters of the course.
 
Detailed expectations chapter by chapter
 
  • Methodology:
    • To know the security criteria, the concepts and process of a risk analysis, the means to measure the risk and its components, the risk treatment options, the lines of defence (prevention, detection, recovery)
    • Be able to carry out a summary risk analysis and propose a concrete, appropriate and realistic action plan based on the analysis carried out. This action plan must be broken down according to the different lines of defence
    • Be able to produce a credible attack tree
  • Cryptography
    • Know the different cryptographic primitives: encryption, digital fingerprinting, digital signature and digital certificate, the related security objectives, the implementation constraints, etc.
    • Be able to orchestrate them in a simple scenario
  • Authentication
    • Know the different authentication methods, their strengths and weaknesses, and be able to motivate the use of one or the other
    • Understand the different ways of managing digital identity data and identify their components and functions
  • Authorisation
    • Know the different access control models, their strengths and weaknesses, and be able to justify the use of one or the other
    • Understand the value of a decentralised approach to authorisation and identify its components and function
  • Security of the infrastructure
    • Be aware of the challenges to infrastructure security and possible solutions
    • Be able to propose a gradual solution to a risk of unavailability, taking care to articulate the different lines of defence (prevention, detection, recovery) and the types of countermeasures (technical, organisational, legal)
  • System security
    • Know the challenges for the security of the system software and the possible solutions
    • Be able to propose a complete solution to these challenges, taking care to articulate the different lines of defence (prevention, detection, recovery) and the types of countermeasures (technical, organisational, legal)
  • Software security
    • Know the different stages of the software development life cycle and the measures applicable to each of them
    • Be able to complete a use case with malicious behaviour and remediation according to the misuse case approach
    • Know the main types of software vulnerabilities and the remediation options
    • Be able to identify and describe in technical detail the software vulnerabilities that have been presented and the appropriate countermeasures

Sources, references and any support material

  • Allen, Julia H., et al. Software Security Engineering: A Guide for Project Managers. Addison-Wesley Professional, 2008.
  • Anderson, Ross J. Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley, 2008.
  • Calder, Alan, and Steve Watkins. IT Governance: A Manager's Guide to Data Security and ISO 27001 / ISO 27002. Kogan Page, 2008.
  • Gollmann, Dieter. Computer Security. Wiley, 2006.
  • Schneier, Bruce. Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition. Wiley, 1996.

Language of instruction

French