EITN50 Avancerad datasäkerhet, 2019/2020
Aim: The goal of this course is to give the students an in-depth insight into the main problems and solutions within security for computers, embedded devices and networks. As such it deepens acquired knowledge on computer security from earlier courses and gives an analytic understanding behind today’s security solutions. This will allow the student to select by him/herself among existing solutions and/or to present solutions with good quality.
Introduction: In-depth knowledge in computer, embedded devices, and network security is needed when designing secure information systems and (computer) applications. Modern systems will operate more autonomously and their security will depend increasingly on the availability of trusted execution environments. Special care is needed in the software development process for these systems. Since attacks on systems will occur it is also important to understand how intrusion can be analyzed and should be dealt with in a professional way. The course contents is focusing on the following two main areas; Platform Security and Secure Software.
The course will contain certain deep dive in Network security and overviews on connected areas such as Computer Forensics and DRM protection.
Computer Forensics (overview 1)
- standard practices,
Network Security (selected deep dives):
- Authentication: Radius and Diameter, Login protocols, LTE,
- Protocols in use: Principles of secure communication solutions, types of VPNs, Object security, LTE and 5G
- Threats: Network threats, DDOS, Botnets
Platform security (main area I):
- Secure execution: Special OSes, SELinux, Virtualisation and security, Java type VMs,
- Trusted Computing Group TCG (TPM),
- ARM Trustzone,
- Intel SGX,
- RFID, smartcards.
- Trusted computing in cloud systems
DRM (overview 2):
- Basic protection problem,
- Historical perspective on (failed) solutions
- Content protection, SW protection, Licensing systems,
- Obfuscation, white-box cryptography
Secure SW (main area II):
- Common (security) faults in programs,
- Secure SW development process,
- Assisting code analysis tools,
- Malware: Development, reverse code analysis
- Project A: Forensic Analysis of disc and USB drive image
- Project B: Object security in communicaiton
- Project C: TPM use
- Project D: Anatomy of an Exploit
- Project E: Trusted camera design
Lecture notes in form of powerpoint slides and articles.
Deregistration: It is up to each student him/herself to unregister within three weeks if you decide not to follow the course.
Knowledge and understanding
For a passing grade the student must
- analyze a security problem in a computer system or a consumer device
- present solutions of good quality to many standard security problems in processing systems and networks
- basic insight in procedures for forensic data and network analysis
- possess detailed knowledge of building blocks used in computer and network security
- understand the mechanisms of the most frequently used attack methods
Competences and skills
For a passing grade the student must
- present detailed descriptions of systems that are applied to improve security in computer and network systems
- be able to perform a basic forensic data and network analysis procedure
- be able to analyse and explain how an existing protection mechanism works
- give a sound motivation of a proposal of a solution to an IT system security problem
Judgement and approach
For a passing grade the student must apply the acquired knowledge in a series of five projects that require the student to gather additional knowledge and insight to finalize the project. Quality of motivation in solutions in depth and reflection on alternatives will be judged. Factual knowledge is trained through self-passed studies and assignments within the course time frame.