CO3030 Computer Systems Security

Course Content: (Only main topics & subtopics) Introduction to Computer Systems Security Importance of computer systems security (history, breaches and impact), basic concepts, threat models, common security goals. Cryptography Basics Introduction, modern cryptographic protocols (and their history, applications, depreciation), encryption, authentication, message authentication codes, hash functions, one-way functions, secret and public-key cryptography, secure channels, zero-knowledge proof, integration of cryptographic protocols into distributed systems and other applications. Software Security Importance of software security, authentication vs authorization and their importance, sandboxing. Network SecurityImportance, secure protocols (TCP/IP), firewalls, network segmentation, intrusion and detection. Web Security Importance of web security, SSL, HTTPS, basic authentication, oauth2, authorization and fine grain permission validation (OPA, XACML), SSO (SAML). Hardware Security Hardware security modules, side-channel attacks, hardware trojans Advanced Topics A selection of modern topics such as blockchain and cryptocurrency, privacy and secure communications, trusted computing, mobile security, operating systems security, ethical hacking, AI-driven security, data protection regulations (GDPR, POPI etc), compliance certifications.