Babes-Bolyai University of Cluj-Napoca
Faculty of Mathematics and Computer Science
Study Cycle: Master

SUBJECT

Code
Subject
MID1028 Computer System Security
Section
Semester
Hours: C+S+L
Category
Type
Mathematics Computational - in Hungarian
3
2+2+0
speciality
optional
Optimization of computational models- in Hungarian
1
2+2+0
speciality
compulsory
Teaching Staff in Charge
Assoc.Prof. ROBU Judit, Ph.D.,  robucs.ubbcluj.ro
Aims
By the end of the course students should:
– be familiar with the most common security terms and concepts
– have a basic understanding of the most commonly used attack techniques and protection mechanisms
– have gained basic insight into aspects of modern cryptography and its applications
– appreciate the range of meanings that $security$ has across different applications
Content
– Introduction to computer security. Basic concepts, threat models, common security goals.
– Cryptography and cryptographic protocols, including encryption, authentication, message authentication codes, hash functions, one-way functions, public-key cryptography, secure channels, zero knowledge in practice, cryptographic protocols and their integration into distributed systems, and other applications.
– Software security. Secure software engineering, defensive programming, buffer overruns and other implementation flaws. Language-based security: analysis of code for security errors, safe languages, and sandboxing techniques.
– Operating system security. Memory protection, access control, authorization, authenticating users, enforcement of security, security evaluation, trusted devices, digital rights management.
– Network security. Firewalls, intrusion detection systems, DoS attacks and defense. Case studies: DNS, IPSec.
– Malicious code analysis and defense. Worms, spyware, rootkits, botnets, etc., and defenses against them.
– Web security. XSS attacks and defenses, etc.
References
1. Dieter Gollmann: Computer Security, 2nd Edition (Wiley, 2006)
2. Ross Anderson: Security Engineering, 2nd Edition (Wiley, 2008)
3. Charles P. Pfleeger, Shari Lawrence Pfleeger: Security in Computing, 4th Edition (Prentice Hall, 2006)
4. Simon Singh: Kódkönyv. A rejtjelezés és rejtjelfejtés története, Park Könyvkiadó, 2001; în engleză: http://www.simonsingh.net/Shop_-_Crypto_CD-ROM.html
Assessment
homeworks and seminar projects 60%
final exam 40%
Links: Syllabus for all subjects
Romanian version for this subject
Rtf format for this subject