Aims
After successful completion of this course unit (OPO), the student
- understands the basic types of access rights;
- knows the following important security policies and policy frameworks: Bell-LaPadula, Biba, Chinese Wall, Clark-Wilson;
- understands the basic concepts of Unix security, Windows security, database security, software security.
In addition, the student sees how modern computer applications are plagued by re-incarnations of old security problems. In particular, the student
- understands various network security problems (TCP SYN flooding, DNS cache poisoning);
- understands web security problems and solutions (XSS, CSRF, same-origin policies, sandboxing).
Finally, the student can assess the risks and threats of a given scenario, design a security policy and propose security mechanisms to implement the security policy.
Previous knowledge
The students understand a standard computer architecture and its operation. The students can read and understand code snippets written in a modern programming language (Java, C).
Is included in these courses of study
- Master in de ingenieurswetenschappen: wiskundige ingenieurstechnieken (Leuven) 120 ects.
- Courses for Exchange Students Faculty of Engineering Science (Leuven)
- Master of Mathematical Engineering (Leuven) 120 ects.
- Master in de ingenieurswetenschappen: elektrotechniek (Leuven) (ICT-beveiliging en netwerken) 120 ects.
- Master of Electrical Engineering (Leuven) (ICT Security and Networks) 120 ects.
- Master in de ingenieurswetenschappen: artificiële intelligentie (Leuven) 120 ects.
Activities
2.41 ects. e-Security: Lectures (B-KUL-H09L4a)
Content
The course covers theoretical concepts like access control matrices and security policies. We also study the design of secure systems and security evaluation principles.
The theory is illustrated by classical examples like Unix security, Windows security and software security, and by more modern examples like network security, web security, e-commerce and digital rights management (DRM).
The lectures cover all the topics of the course.
Course material
Study cost: 51-75 euros (The information about the study costs as stated here gives an indication and only represents the costs for purchasing new materials. There might be some electronic or second-hand copies available as well. You can use LIMO to check whether the textbook is available in the library. Any potential printing costs and optional course material are not included in this price.)
This course is new; there are no course notes yet. We will closely follow this book:
Dieter Gollmann, Computer Security (3rd edition), Wiley, ISBN 978-0-470-74115-3.
The students will get copies of the slides. There will be a list of references.
Language of instruction
The teacher is a native Dutch speaker. Students may choose to communicate in Dutch instead of English.
0.59 ects. e-Security: Exercises and Lab Sessions (B-KUL-H09L5a)
Content
The lab sessions illustrate the concepts covered in the lectures:
- Web security and database security
- Network enumeration and network security challenges
- Software security
- Operating system security and privilege escalation
Course material
The students are to bring their laptop computers. Images of virtual machines will be provided in order to run the experiments.
Format
The students will deliver a written report (no presentation required).