Learning outcomes

The course introduces the various aspects of the security of a computer system:

  • methodological approach: risk based approach, threat modeling, attack trees
  • cryptography, authentication protocols, access control models
  • evaluation of the security of a system, elaboration of a security plan, in a layered approach

Goals

The first objective of the course is to make students aware of the need to integrate security into their approach to IT. It then seeks to give a global view of the security of the information system by examining each of its components and asking which threats and countermeasures apply at each level. The ultimate objective is to equip the student to define a security plan based on a risk analysis.
 
 

Content

The course includes the following modules:
  • Risk management
  • Elements of cryptography
  • Authentication protocols
  • Access control models and authorization management
  • Infrastructure security
  • Operating system security
  • Security and software development

Exercises

During the practical sessions, students analyse a system in order to discover, identify and exploit security flaws. In addition, in a more guided way, different types of attacks can be performed and tested using an existing tool.

Teaching methods

The course is given in the form of lectures, and includes a practical part during which security challenges are proposed to the students. Participation in the practical exercises is compulsory. 

Sources, references and any support material

  • Allen, Julia H., et al. Software Security Engineering: A Guide for Project Managers. Addison-Wesley Professional, 2008.
  • Anderson, Ross J. Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley, 2008.
  • Calder, Alan, and Steve Watkins. IT Governance: A Manager's Guide to Data Security and ISO 27001 / ISO 27002. Kogan Page, 2008.
  • Gollmann, Dieter. Computer Security. Wiley, 2006.
  • Schneier, Bruce. Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition. Wiley, 1996.

Language of instruction

French

Training                       Study programme   Block   Credits   Mandatory
Bachelor in Computer Science   Standard          0       5
Bachelor in Computer Science   Standard          3       5