IT Security

7.5 credits

Syllabus, Bachelor's level, 2IS229

A revised version of the syllabus is available.
Code
2IS229
Education cycle
First cycle
Main field(s) of study and in-depth level
Information Systems G1F
Grading system
Fail (U), Pass (G), Pass with distinction (VG)
Finalised by
The Department Board, 15 March 2019
Responsible department
Department of Informatics and Media

Entry requirements

30 credits in information systems or the equivalent

Learning outcomes

Regarding knowledge and understanding, on completion of the course, the student is expected to be able to:

  • describe standards, laws, and policy for information security,
  • describe models and guidelines for the development of secure web applications,
  • explain how different cryptographic methods can be used in web applications.

Regarding competence and skills, on completion of the course, the student is expected to be able to:

  • carry out risk analysis and threat modeling,
  • apply models and guidelines for the development of secure web applications,
  • use tools to identify and characterise security weaknesses of web applications,
  • apply different cryptographic methods to secure web applications.

Regarding judgement and approach, on completion of the course, the student is expected to be able to:

  • critically reflect on how vulnerabilities in information systems affect society based on ethical and technical aspects.

Content

Information and IT security is a central part of modern system engineering. Many threats can injure companies and private persons today. The course covers how security issues around IT can be handled in business development and software engineering. The course includes information security regarding material and intangible assets, ethics and laws and standards regarding information security, to create an understanding of what is to be protected and why. The course also addresses how we protect data using basic guidelines for developing secure web applications, threat modeling, and encryption of web applications. We also work with code review, analysis and testing to find vulnerabilities in web applications.

Instruction

Teaching is given as lectures and exercises.

Assessment

The course is examined through seminars and written assignments.

If there are special reasons for doing so, an examiner may make an exception from the method of assessment indicated and allow a student to be assessed by another method. An example of special reasons might be a certificate regarding special pedagogical support from the University's disability coordinator or a decision by the department's working group for study matters.

FOLLOW UPPSALA UNIVERSITY ON

facebook
instagram
twitter
youtube
linkedin