Academic Year/course:
2023/24
30227 - IT Security
Syllabus Information
Academic year:
2023/24
Subject:
30227 - IT Security
Faculty / School:
110 - Escuela de Ingeniería y Arquitectura
326 - Escuela Universitaria Politécnica de Teruel
Degree:
439 - Bachelor's Degree in Informatics Engineering
443 - Bachelor's Degree in Informatics Engineering
ECTS:
6.0
Year:
4
Semester:
First semester
Subject type:
Compulsory
Module:
---
1. General information
In previous subjects, students have learned the concepts of different areas of computer science, such as programming, networks, operating systems, system administration, distributed systems, including some basic security concepts and mechanisms.
Based on these references, this subject reinforces the security concepts previously introduced and develops the problematic of this field in a complete way, from the definition of objectives, the analysis and specification of the problem from a security point of view, the design of solutions, the implementation of such solutions with the appropriate mechanisms and procedures, and the validation and periodic verification of the initially proposed objectives.
The adequate use of this subject is obtained having previously acquired a level of knowledge equivalent to the one obtained with the subjects System Administration equivalent to the one obtained with the subjects of Systems Administration, Operating Systems, Computer Networks, Distributed Systems, Databases, Programming, ..
These approaches and objectives are aligned with some of the SDGs of the 2030 Agenda:
Goal 9: Building resilient infrastructure, promoting inclusive and sustainable industrialization, and fostering innovation.
Target 9.1. By 2030, develop reliable, sustainable, resilient and quality infrastructure, including regional and cross-border infrastructure , to support economic development and human well-being, with particular emphasis on affordable and equitable access for all.
2. Learning results
Knowledge of the fundamentals of computer security in its organizational aspect and implementation in systems, networks, databases and software.
Design a comprehensive IT security model for an organization following an appropriate methodology.
To master different tools that help in the development of the different stages of the methodology used.
Ability to assess the security status of a computer system and its applications.
Understand and know how to apply the different regulations and standards in computer security, as well as the related legislation.
3. Syllabus
Basic concepts: Risks, threats, vulnerabilities and attacks. Principles of safe design. Authentication and authorization.
Standards, regulation and legislation.
Computer security: Security models. Access control. Security in Unix. Security-Enhanced Linux.
Network security: Design aspects. Firewall. Virtual private networks. Intrusion detection systems.
Fundamentals of secure programming: Design principles. Career conditions. Cryptography.
Trust management and input validation.
Database security.
Web security.
Audit.
4. Academic activities
Zaragoza School of Engineering and Architecture
Theoretical and problem classes (3 hours per week).
Practical classes (2 hours every 2 weeks). These are programming work sessions, supervised by a teacher, in which students participate in small groups.
Teruel Polytechnic University School of Teruel
Theoretical and problem classes (2 hours per week).
Practical classes (2 hours per week).
Tutored sessions for the follow-up and/or defense of the directed work according to the calendar defined by the teaching staff.
Student work
The student's dedication to achieve the learning results in this course is estimated in 150 hours, distributed as follows:
approximately 60 hours of lectures, problems, practicals, etc
84 hours of effective personal study: study of notes and texts, problem solving, class and practical preparation, program development
6 hours of assessment
5. Assessment system
Zaragoza School of Engineering and Architecture
The assessment of the subject will follow the global assessment procedure, which will consist of two parts:
1) Written exam in which problems must be solved, conceptual questions must be answered, or an exercise must be solved. A minimum grade of 4.0 on the written exam is required to pass the subject. The grade obtained in this exam will be weighted 70% of the grade of the subject.
2) Practical work. It will be valued that the solutions provided behave according to the specifications, the quality of their design and the time spent. A minimum grade of 4.0 on the written exam is required to pass the subject. The grade obtained is weighted 30% of the grade of the subject.
The grade for each exam will be that corresponding to the weighted sum of the two tests, being limited to 4 points out of 10 in the case of not achieving a 4 out of 10 in any of them.
Teruel Polytechnic University School of Teruel
The assessment of the subject will follow the global assessment procedure, which will consist of two parts:
1) Written exam in which problems must be solved, conceptual questions must be answered, or an exercise to be solved . A minimum grade of 4.0 on the written exam is required to pass the subject. The grade obtained in this exam will be weighted 20% of the grade of the subject.
2) Practical work and class work. It will be valued that the solutions provided behave according to the specifications of each work, memory and quality of the design. A minimum grade of 4.0 on the written exam is required to pass the subject. The grade obtained is weighted 70% of the grade of the subject.
3) Directed work in which advanced aspects of computer security will be studied in depth. The grade obtained is weighted 10% of the grade of the subject.