Learning outcomes

A the end of the course, the student will be able to describe and implement the methods, controls and tools that have been introduced in the course, in a consistent and integrated manner

 

Goals

This course is the sequel of INFOB301 (Computer Security 1) and addresses with more details and depth the security of the information system. Already presented concepts are further analysed, and new tools and methods are presented to evaluate and strengthen the security of an information system

Content

The content of the course will vary, depending on the evolution of attacks and technology; currently, the following elements are part of the programme:

  • méthode d'analyse de risques 
  • usages avancés de la cryptographie: Secure Multiparty Computation, Homomorphic encyrption, Identity/Attributed based encryption
  • forensics
  • privacy enhancing technologies
  • advanced pen test

 

Exercices

The course integrates an important practical part that puts the students in actual concrete situations

Assessment method

Assessment is made continuously during the course, throughout the different activities and readings. The final note is the aggregation of all notes acquired during the term

Sources, references and any support material

  • Allen, Julia H., et al. Software Security Engineering: A Guide for Project Managers. Addison-Wesley Professional, 2008.
  • Anderson, Ross J. Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley, 2008.
  • Calder, Alan, and Steve Watkins. IT Governance: A Manager's Guide to Data Security and ISO 27001 / ISO 27002. Kogan Page, 2008.
  • Gollmann, Dieter. Computer Security. Wiley, 2006.
  • Schneier, Bruce. Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition. Wiley, 1996.

Language of instruction

Français
Training Study programme Block Credits Mandatory
Standard 0 5
Standard 0 5
Standard 0 5
Standard 1 5
Standard 1 5
Standard 1 5