Syllabus Information

5.1. Methodological overview

The designed learning process of this subject is designed upon:

The learning of concepts and methodologies for the correct design of systems, programs and databases, through on-site classes.

The application of such concepts in the problem class to solve different situations and tasks of computer security.

In the lab classes, the student will implement different aspects on risk analysis, specification, design and implementation of security in computers, and the overall evaluation of security.

5.2. Learning tasks

The presentation of the syllabus in the on-site classes.

Problem solving applying the concepts and techniques presented in the syllabus during problem classes.

Development of lab sessions, in a computing facility, to apply the theory in a real environment.

5.3. Syllabus

Foundations: Risks, threats, vulnerabilities and attacks. Secure design principles. Authentication and authorization. Standars, regulations and laws.
Computer security: Security models. Access control. Unix security. Security-Enhanced Linux.
Network security: Design principles. Firewalls. Virtual private networks. Intrusion detection systems.
Confidence management and input validation.
Database security.
Web security.
Security audits.

5.4. Course planning and calendar

The schedule for the class is as follows:

In the Escuela de Ingeniería y Arquitectura de Zaragoza

On-site and problem classes (3 hours weekly)

Lab sessions (2 hours every other week). Those are tutored sessions in which students code in small groups

In the Escuela Universitaria Polit�cnica de Teruel

Type 1 activities (on-site classes) 2 hours weekly 1 group

Type 2 activities (participative character classes) 1 hour weekly 2 groups

Type 3 activities (lab sessions) 1 hour weekly

Student work:

To reach the learning goals, students are assume to expend 150 hours distributed as follows:

56 hours, roughly, on-site activities(classroom, problem classes and lab sessions)

91 hours of self effective study (study of notes and reports, problem solving, class and lab preparation, and programming)

3 hours dedicated to exams

5.5. Bibliography and recommended resources

[BB: Bibliografía básica / BC: Bibliografía complementaria]

• Zaragoza:
• [BB] 3. Viega, John. Building secure software : how to avoid security problems the right way / John Viega, Gary McGraw Boston : Addison-Wesley, cop. 2002
• [BB] 5. Anderson, Ross J. Security engineering : a guide to building dependable distributed systems / Ross J. Anderson . - 2nd ed. Indianapolis (Indiana) : Wiley, cop. 2008
• [BB] 6. Huseby, Sverre H. Innocent code : a security wake-up call for Web programmers / Sverre H. Huseby Chinchester (England) : John Wiley & Sons, cop. 2004
• [BB] Goodrich, Michael T. Introduction to computer security / Michael Goodrich, Roberto Tamassia . Harlow : Pearson, cop. 2014
• [BB] Pfleeger, Charles P. Security in computing / Charles P. Pfleeger, Shari Lawrence Pfleeger, Jonathan Margulies . Fifth edition. Upper Saddle River, NJ : Prentice Hall, 2015
• [BC] 4. Kaufman, C . Network Security / C. Kaufman, R. Perlman, and M. Speciner, . Second Edition Prentice Hall, 2002
• Teruel:
• [BB] Anderson, Ross J.. Security engineering : a guide to building dependable distributed systems / Ross J. Anderson . 2nd ed. Indianapolis (Indiana) : Wiley, cop. 2008
• [BB] Goodrich, Michael T.. Introduction to computer security / Michael Goodrich, Roberto Tamassia . Harlow : Pearson, cop. 2014
• [BB] Huseby, Sverre H.. Innocent code : a security wake-up call for Web programmers / Sverre H. Huseby . Chinchester (England) : John Wiley & Sons, cop. 2004
• [BB] KAUFMAN, Ch. Network Security / Charles Kaufman, Radia Perllman, Mike Speciner. New Jersey : Prentice Hall,
• [BB] Pfleeger, Charles P.. Security in computing / Charles P. Pfleeger, Shari Lawrence Pfleeger, Jonathan Margulies . Fifth edition Upper Saddle River, NJ : Prentice Hall, 2015
• [BB] Viega, John. Building secure software : how to avoid security problems the right way / John Viega, Gary McGraw . Boston : Addison-Wesley, cop. 2002