Computer Security

Computer Security is a Level 9 course given in Semester 2. See the Course Catalogue entry.
Lectures are held on Mondays and Thursdays at 16:10, in Lecture Theatre 3, Appleton Tower.
Please use the Course Forum for discussing the course and practicals content.

Slides

1.	16 Jan.	Security landscape	view	print
2.	19 Jan.	Cryptography basics	view	print
3.	23 Jan.	Hash functions	view	print
4.	26 Jan.	Symmetric cryptography	view	print
5.	30 Jan.	Asymmetric cryptography	view	print
6.	2 Feb.	Digital signatures	view	print
7.	6 Feb.	Protocols I	view	print
8.	9 Feb.	Protocols II	view	print
9.	13 Feb.	Security models	view	print
10.	16 Feb.	Email and web security	view	print
11.	27 Feb.	Network and Internet vulnerabilities	view	print
12.	1 Mar.	Programming securely	view	print
13.	5 Mar.	Programming securely II	view	print
14.	8 Mar.	Network and Internet defences	view	print
15.	12 Mar.	Guest: Sarah Lowman, Forensics	view
16.	15 Mar.	Guest: Shahriar Bijani, Mobile Telecoms	view	print
17.	19 Mar.	Guest: Mike Just, Usable Security	view	print
	22 Mar.	NO LECTURE
18.	26 Mar.	Attack landscape and summary	view	print

These are lecture slides, not comprehensive notes. You should supplement the slides with notes taken in lectures, and from your own reading. References and specific reading recommendations are given in slides, further guidance is given in lectures. The examinable material consists of what is covered in lectures and tutorials (unless specifically excluded) and the reading recommended in lectures.

Course resources

Recommended reading & other references.

Tutorials

There are four tutorials. See this list of tutorial groups which is managed by the ITO.

Please submit your tutorial marks here (anonymously).

Tutorial Sheet 1 (Cryptography) will be considered at the Week 3 tutorials starting 31st Jan.
The solutions are here, please mark your work by Week 7.
Tutorial Sheet 2 (Protocols) will be considered at the Week 5 tutorials starting 13th Feb.
The solutions are here, please mark your work by Week 9.
Tutorial Sheet 3 (Networks/Programming) will be considered at the Week 8 tutorials starting 5th Mar. The solutions are here, please mark your work by Week 10.
For the final Week 11 tutorials, we will revise the questions from earlier tutorials that caused most interest or difficulty, as well as discuss the practical exercise.

Tutorials are based on question sheets which you should use to help guide your own study for the course. Solutions will be issued a while after the question sheets so you can measure your progress. There is not enough space to cover all topics; you should aim to cover remaining topics to a similar depth of knowledge.

Practical Exercise

There is one practical exercise.

Practical Exercise (Web Application Exploits and Defences)

The exercise is to work through a portion of Google's Gruyere insecure web application tutorial. It is suggested that you work on this in Weeks 8-10.

Exams

Past papers are on the ITO pages.
The only solutions available are those already published.
Older exams include questions on "BAN logic" which has since been removed from the syllabus.

Documents above are in PDF format. Comments, suggestions, corrections are welcomed.
To print course materials, make sure your PDF reader has the correct page size and orientation.

Copyright: except where stated, lecture notes and other course materials are Copyright (C) School of Informatics, University of Edinburgh, and respective authors. Lecture slides prepared by David Aspinall, with additions by Mike Just and Julian Bradfield.
Please respect our rights over this material and contact us if you want to use it in another context.

Course Lecturer: David Aspinall david.aspinall@ed.ac.uk

Home : Teaching : Courses