Course Name | Operating Systems Security |
Code | Semester | Theory (hour/week) | Application/Lab (hour/week) | Local Credits | ECTS |
---|---|---|---|---|---|
CE 304 | Fall/Spring | 2 | 2 | 3 | 5 |
Prerequisites |
| ||||||||
Course Language | English | ||||||||
Course Type | Elective | ||||||||
Course Level | First Cycle | ||||||||
Mode of Delivery | - | ||||||||
Teaching Methods and Techniques of the Course | |||||||||
Course Coordinator | - | ||||||||
Course Lecturer(s) | - | ||||||||
Assistant(s) | - |
Course Objectives | The objective of this course is to teach the students security related details of most widely used operating systems, threat analysis, and countermeasures agaist the threats. |
Learning Outcomes | The students who succeeded in this course;
|
Course Description | A study of technical security policies, models, and mechanisms for confidentiality, integrity, and availability with respect to operating systems from an engineering point of view. |
Related Sustainable Development Goals | |
| Core Courses | |
Major Area Courses | X | |
Supportive Courses | ||
Media and Managment Skills Courses | ||
Transferable Skill Courses |
Week | Subjects | Required Materials |
1 | Introduction, basic terms & concepts in information security & related legal issues | Preliminary study 1 |
2 | Basics of OS Security; concepts, general & common problems, threats, countermeasures | Preliminary study 2 |
3 | Access controls & methodologies, IAAA in OS & relevant technologies & applications in today’s world | Preliminary study 3 |
4 | Centralized / decentralized IAAA solutions, different IAAA architectures in secure OS | Preliminary study 4 |
5 | Audit & monitoring in OS | Preliminary study 5 |
6 | Intro to cryptography, protection of assets, data, systems in OS with today’s best practices | Preliminary study 6 |
7 | Secure system management; models, solutions, various technologies | Preliminary study 7 |
8 | Midterm | |
9 | Opensource architecture & approach and its relation with information security & OS security | Preliminary study 8 |
10 | IAAA differences of Linux vs. Windows architectures | Part I Guide to Operating Systems Security, Michael Palmer |
11 | IAAA differences of Linux vs. Windows architectures | Part II Guide to Operating Systems Security, Michael Palmer |
12 | Network related issues in OS Security | Part I Guide to Operating Systems Security, Michael Palmer |
13 | Network related issues in OS Security (including cryptographic basics) | Part II Guide to Operating Systems Security, Michael Palmer |
14 | Related vulnerabilities, threats & countermeasures (DOS attacks, malicious codes, XSS, rootkits, JavaScript, SQL, Ajax, .Net, Apache, IIS, etc) | Part I Guide to Operating Systems Security, Michael Palmer |
15 | Related vulnerabilities, threats & countermeasures (DOS attacks, malicious codes, XSS, rootkits, JavaScript, SQL, Ajax, .Net, Apache, IIS, etc) | Part II Guide to Operating Systems Security, Michael Palmer |
16 | Review of the Semester |
Course Notes/Textbooks | Guide to Operating Systems Security, Michael Palmer, Publisher: Thomson, 2003 (2004 2nd ed), ISBN 13: 9780619160401©2004, ISBN 10: 0619160403 |
Suggested Readings/Materials | Maximum Linux Security (2nd Edition), John Ray, Sams, 2 Pap/Cdr edition, 2001, ISBN10: 0672321343, ISBN13: 9780672321344 Hacking Exposed Windows Server 2003, Joel Scambray & Stuart McClure, McGrawHill Osborne Media, 2006, ISBN10: 0072230614, ISBN13: 9780072230611 CISSP Textbook, Vallabhaneni, S.Rao, SRV Pro Publications, 2002, ASIN: B0006S7QN0 ISO27001:IEC, British Standards Institution, 2005 Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, et al, McGrawHill Osborne, Fourth Edition, 2003, ISBN 0072227427 Applied Cryptography: Protocols, Algorithms, and Source Code in C, Schneier, Bruce, Second Edition, 1998, ISBN 0471117099 Hacking Exposed Web Applications, Scambray, Joel, et al, Second Edition, McGrawHill Osborne, 2006, ISBN 0072262990 |
Semester Activities | Number | Weigthing |
Participation | ||
Laboratory / Application | 5 | 10 |
Field Work | ||
Quizzes / Studio Critiques | ||
Portfolio | ||
Homework / Assignments | 4 | 40 |
Presentation / Jury | ||
Project | ||
Seminar / Workshop | ||
Oral Exam | ||
Midterm | 1 | 20 |
Final Exam | 1 | 30 |
Total |
Weighting of Semester Activities on the Final Grade | 70 | |
Weighting of End-of-Semester Activities on the Final Grade | 30 | |
Total |
Semester Activities | Number | Duration (Hours) | Workload |
---|---|---|---|
Course Hours (Including exam week: 16 x total hours) | 16 | 2 | 32 |
Laboratory / Application Hours (Including exam week: 16 x total hours) | 16 | 2 | |
Study Hours Out of Class | 6 | 7 | 42 |
Field Work | |||
Quizzes / Studio Critiques | |||
Portfolio | |||
Homework / Assignments | 4 | 5 | |
Presentation / Jury | |||
Project | |||
Seminar / Workshop | |||
Oral Exam | |||
Midterms | 1 | 10 | |
Final Exams | 1 | 14 | |
Total | 150 |
# | Program Competencies/Outcomes | * Contribution Level | ||||
1 | 2 | 3 | 4 | 5 | ||
1 | To have adequate knowledge in Mathematics, Science and Industrial Engineering; to be able to use theoretical and applied information in these areas to model and solve Industrial Engineering problems. | X | ||||
2 | To be able to identify, formulate and solve complex Industrial Engineering problems by using state-of-the-art methods, techniques and equipment; to be able to select and apply proper analysis and modeling methods for this purpose. | X | ||||
3 | To be able to analyze a complex system, process, device or product, and to design with realistic limitations to meet the requirements using modern design techniques. | X | ||||
4 | To be able to choose and use the required modern techniques and tools for Industrial Engineering applications; to be able to use information technologies efficiently. | X | ||||
5 | To be able to design and do simulation and/or experiment, collect and analyze data and interpret the results for investigating Industrial Engineering problems and Industrial Engineering related research areas. | X | ||||
6 | To be able to work efficiently in Industrial Engineering disciplinary and multidisciplinary teams; to be able to work individually. | |||||
7 | To be able to communicate effectively in Turkish, both orally and in writing; to be able to author and comprehend written reports, to be able to prepare design and implementation reports, to present effectively; to be able to give and receive clear and comprehensible instructions | |||||
8 | To have knowledge about contemporary issues and the global and societal effects of Industrial Engineering practices on health, environment, and safety; to be aware of the legal consequences of Industrial Engineering solutions. | X | ||||
9 | To be aware of professional and ethical responsibility; to have knowledge of the standards used in Industrial Engineering practice. | X | ||||
10 | To have knowledge about business life practices such as project management, risk management, and change management; to be aware of entrepreneurship and innovation; to have knowledge about sustainable development. | |||||
11 | To be able to collect data in the area of Industrial Engineering; to be able to communicate with colleagues in a foreign language. | |||||
12 | To be able to speak a second foreign at a medium level of fluency efficiently. | |||||
13 | To recognize the need for lifelong learning; to be able to access information, to be able to stay current with developments in science and technology; to be able to relate the knowledge accumulated throughout the human history to Industrial Engineering. | X |
*1 Lowest, 2 Low, 3 Average, 4 High, 5 Highest