Security and Privacy (CITS3231)

Computer Science & Software Engineering
Security and Privacy (CITS3231)

Faculty Home | CSSE Home | csentry | CITS3231 | help3231

Unit information for 2008

The spectacular growth of the Internet has spawned increased awareness, interest, and concern in issues of computer and network security, and the privacy of those using these. Although security has long been considered in the design of computer operating systems and basic Internet protocols, many applications and network services have been and are being designed with minimal attention paid to issues of confidentiality, authentication, and privacy. As our daily activities become more and more reliant upon computers and networks, an understanding of such security issues is essential. This unit provides an introduction to security in the context of computer systems and the networks that connect them.

The unit commences by examining the representation and support of users in traditional operating systems, how they are authenticated, and how their privileges and resources are stored and manipulated during normal execution of their processes. Next, approaches to securing an operating system's files are discussed, followed by techniques on securely logging an operating system's activities, and ensuring file-system integrity.

The unit next considers the general design of the TCP/IP protocol suite, the impact of the lack of a fundamental security model, an explanation of some common vulnerabilities in its protocols, contemporary thinking on, and solutions to these.

The basic building blocks of cryptography are next discussed, followed by examples of how and where these techniques are often employed in secure network protocols, applications, and within the World Wide Web.

The unit concludes with an examination of robust programming techniques, and considers how programming languages may be improved to provide greater security.

Information available from here:

Schedule of topics - with links to lectures, labsheets, and tutorials.
Information resources - reading materials, labsheets, tutorials, projects, exams, ....

The strongly recommended textbook for 2008:
	Computer Security: Principles and Practice William Stallings and Lawrie Brown Copyright 2008, pp880 ISBN: 9780135137116.

Other books of interest for CITS3231 students

SPOT (Student Perceptions of Teaching) reports: 2004, 2005, 2006, 2007, and 2008.

Unit coordination:

Coordinator:

Dr. Chris McDonald, chris@csse.uwa.edu.au, Rm 2.20

Discussion list:

help3231

Lectures:

Tuesday 9am-11am, in the General Purpose Building 2 Lect.Th., wks 1-12.
(please do not consider enroling in this unit if you cannot attend this 2hr lecture)

Tutorials:

Wednesday 2-3pm, 3-4pm, in CSSE Rm 2.28. wks 2,4,6,8,10,13.
Students should attend a 1 hour tutorial every two weeks.

Laboratories:

Tuesday 2pm-4pm, Thursday 1pm-3pm, in CSSE Lab 2.3. wks 2-12
Students should attend one 2 hour laboratory session each week.

Assessment:

20%	mid-semester test	9am, Tuesday 9th September (wk7)
30%	practical project	12noon, Friday 24th October (wk12)
50%	final exam	2 hours in November

Tutorials:

One hour tutorials will be held roughly every two weeks. A revision tutorial in week 13 will discuss questions on the sample examination paper. Tutorials sheets will typically contain 4 or 5 short-answer questions. Although not contributing directly to your assessment, the form of questions discussed in tutorial sessions will be typical of those in the final examination. Written, sample solutions to tutorial questions will not be provided.

Laboratory and project work:

Practical work is a very important component of this unit, both in weekly laboratory sessions that will reinforce lecture material and in project material that requires you to increase the depth of your knowledge. This unit has two 2 hour, supervised weekly periods in which you are expected to undertake the laboratory and project work. Completion of the laboratory sheets is considered essential for satisfactory progress in this unit. Moreover, while you are welcome to undertake CITS3231 work on your own computers, this should not be seen as a substitute for attendance at supervised laboratory sessions.

Before undertaking this unit, students are strongly encouraged to read:

UWA's Charter of Student Rights and Responsibilities,
Section 6.11 of Guidelines on Assessment At The University Of Western Australia,
UWA's Ethical Scholarship, Academic Literacy and Academic Misconduct,
the Faculty Policy for Assessment Practices and Procedures, and
the School's assessment deadlines.

While undertaking this unit, students should also keep abreast of issues discussed in the popular Australian IT media, for example, The Australian's IT section (appearing each Tuesday), PC Week Australia, and Australian Personal Computer (monthly).

Top of Page

CRICOS Provider Code: 00126G