COMP3020J Information Security for the Internet of Things

Academic Year 2021/2022

The Internet of Things (IoT) Security is the area of endeavour concerned with safeguarding connected devices and networks in the Internet of things (IoT). IoT world may be exciting, but there are serious technical challenges that need to be addressed, especially by developers. In this module, the students will learn how to meet the security, analytics, and testing requirements for IoT applications. The module covers the following four major themes in the security:
• Cryptography
• Access Control
• Protocols
• Software
This module is intended to introduce students to the theory and applications of cryptography - the science of secrecy; access control; security protocols and security in software. We explain the fundamental concepts concerning computer and network security, the mathematics and the algorithms behind several well-known cryptosystems. We introduce and discuss the vulnerabilities exploitable by attacks, including recent attacks, involving the Internet of Things. We explain to students how to design correct security protocols. We show how to identify these vulnerabilities and discuss possible countermeasures. We introduce students to formal verification techniques and show practically how to apply these techniques.

Show/hide contentOpenClose All

Curricular information is subject to change

Learning Outcomes:

On completion of this module, students should have gained an overall introduction to the theory and applications of cryptography - the science of secrecy; access control; security protocols and security in software. They will gain an understanding of the fundamental concepts concerning computer and network security; have an understanding of the mathematics and the algorithms behind several well known cryptosystems; conceptually identify vulnerabilities, including recent attacks, involving the Internet of Things; conceptually describe countermeasures for Internet of Things devices; develop critical thinking skills and formal techniques to verify the security protocols.

Indicative Module Content:

Introduction
Crypto: Crypto Basics; Symmetric Key Crypto; Public Key Crypto; Hash Functions and other topics
Access Control: Authentication; Authorization
Protocols: Simple Authentication Protocols; Real World Security Protocols; Weaknesses and Attacks
Software: Security Vulnerabilities and Malware

Student Effort Hours: 
Student Effort Type Hours
Autonomous Student Learning

80

Lectures

30

Practical

26

Total

136

Approaches to Teaching and Learning:
Key teaching and learning approaches used in this module: active/task-based learning; group work; lectures; lab/studio work; enquiry & problem-based learning; student presentations. 
Requirements, Exclusions and Recommendations

Not applicable to this module.


Module Requisites and Incompatibles
Required:
BDIC1034J - College English 1, BDIC1035J - College English 2, BDIC1036J - College English 3, BDIC1037J - College English 4, BDIC1047J - English for Uni Studies BDIC, BDIC1048J - English Gen Acad Purposes BDIC, BDIC2007J - English for Spec Acad Purposes, BDIC2015J - Acad Wrt & Comm Skills


 
Assessment Strategy  
Description Timing Open Book Exam Component Scale Must Pass Component % of Final Grade
Continuous Assessment: Practical Assignment, Final Exam, Case Study, and demonstrating understanding of the material.
Varies over the Trimester n/a Standard conversion grade scale 40% No

100


Carry forward of passed components
Yes
 
Remediation Type Remediation Timing
In-Module Resit Prior to relevant Programme Exam Board
Please see Student Jargon Buster for more information about remediation types and timing. 
Feedback Strategy/Strategies

• Feedback individually to students, on an activity or draft prior to summative assessment
• Feedback individually to students, post-assessment
• Online automated feedback
• Peer review activities
• Self-assessment activities

How will my Feedback be Delivered?

The grading scheme used will be Standard Conversion Grade Scale* 40% Pass (70% = A-)

“Information Security: Principles and Practice”, 2nd edition, Mark Stamp, (Wiley, May 2011, ISBN-10: 0470626399, ISBN-13: 978-0470626399).

In addition, the lecturer will provide his own articles that contain all of the required material. However, interested students might wish to consult the following for additional reading:

[1] “Practical Internet of Things Security”, 2nd edition, Brian Russell and Drew Van Duren, (Packt, November 2018, ISBN- 978-1-78862-582-1)
[2] “Computer Security: Principles and Practice”, Global Edition, 3/E, William Stallings and Lawrie Brown, (Pearson, 2015, ISBN-10: 1292066172 • ISBN-13: 9781292066172)
[3] “Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software”, Michael Sikorski and Andrew Honig, No Starch Press, 2012. An excellent book for information on reverse engineering (whether for malware analysis or other purposes). Includes many hands-on exercises.

Name Role
Dr Anca Delia Jurcut Lecturer / Co-Lecturer
Mahmoud Said ElSayed Abdallah Tutor
Eric Gyamfi Tutor
Pasika Ranaweera Tutor
Timetabling information is displayed only for guidance purposes, relates to the current Academic Year only and is subject to change.
 

There are no rows to display