CE 304 | Course Introduction and Application Information

Course Name
Operating Systems Security
Code
Semester
Theory
(hour/week)
Application/Lab
(hour/week)
Local Credits
ECTS
CE 304
Fall/Spring
2
2
3
5

Prerequisites
None
Course Language
English
Course Type
Elective
Course Level
First Cycle
Course Coordinator -
Course Lecturer(s) -
Assistant(s) -
Course Objectives The objective of this course is to teach the students security related details of most widely used operating systems, threat analysis, and countermeasures agaist the threats.
Course Description The students who succeeded in this course;
  • will be able to classify security issues of operating systems and their critical dependence factors,
  • will be able to specify methods needed to analyze and discover threats against operating systems,
  • will be able to identify techniques and tools needed to implement countermeasures against threats,
  • will be able to apply different protection mechanisms,
  • will be able to analyze security of a system.
Course Content A study of technical security policies, models, and mechanisms for confidentiality, integrity, and availability with respect to operating systems from an engineering point of view.

 



Course Category

Core Courses
Major Area Courses
Supportive Courses
Media and Management Skills Courses
Transferable Skill Courses

 

WEEKLY SUBJECTS AND RELATED PREPARATION STUDIES

Week Subjects Related Preparation
1 Introduction, basic terms & concepts in information security & related legal issues Preliminary study 1
2 Basics of OS Security; concepts, general & common problems, threats, countermeasures Preliminary study 2
3 Access controls & methodologies, IAAA in OS & relevant technologies & applications in today’s world Preliminary study 3
4 Centralized / decentralized IAAA solutions, different IAAA architectures in secure OS Preliminary study 4
5 Audit & monitoring in OS Preliminary study 5
6 Intro to cryptography, protection of assets, data, systems in OS with today’s best practices Preliminary study 6
7 Secure system management; models, solutions, various technologies Preliminary study 7
8 Midterm
9 Opensource architecture & approach and its relation with information security & OS security Preliminary study 8
10 IAAA differences of Linux vs. Windows architectures Part I Guide to Operating Systems Security, Michael Palmer
11 IAAA differences of Linux vs. Windows architectures Part II Guide to Operating Systems Security, Michael Palmer
12 Network related issues in OS Security Part I Guide to Operating Systems Security, Michael Palmer
13 Network related issues in OS Security (including cryptographic basics) Part II Guide to Operating Systems Security, Michael Palmer
14 Related vulnerabilities, threats & countermeasures (DOS attacks, malicious codes, XSS, rootkits, JavaScript, SQL, Ajax, .Net, Apache, IIS, etc) Part I Guide to Operating Systems Security, Michael Palmer
15 Related vulnerabilities, threats & countermeasures (DOS attacks, malicious codes, XSS, rootkits, JavaScript, SQL, Ajax, .Net, Apache, IIS, etc) Part II Guide to Operating Systems Security, Michael Palmer
16 Review of the Semester  

 

Course Notes/Textbooks Guide to Operating Systems Security, Michael Palmer, Publisher: Thomson, 2003 (2004 2nd ed), ISBN 13: 9780619160401©2004, ISBN 10: 0619160403
Suggested Readings/Materials Maximum Linux Security (2nd Edition), John Ray, Sams, 2 Pap/Cdr edition, 2001, ISBN10: 0672321343, ISBN13: 9780672321344 Hacking Exposed Windows Server 2003, Joel Scambray & Stuart McClure, McGrawHill Osborne Media, 2006, ISBN10: 0072230614, ISBN13: 9780072230611 CISSP Textbook, Vallabhaneni, S.Rao, SRV Pro Publications, 2002, ASIN: B0006S7QN0 ISO27001:IEC, British Standards Institution, 2005 Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, et al, McGrawHill Osborne, Fourth Edition, 2003, ISBN 0072227427 Applied Cryptography: Protocols, Algorithms, and Source Code in C, Schneier, Bruce, Second Edition, 1998, ISBN 0471117099 Hacking Exposed Web Applications, Scambray, Joel, et al, Second Edition, McGrawHill Osborne, 2006, ISBN 0072262990

 

EVALUATION SYSTEM

Semester Activities Number Weigthing
Participation
Laboratory / Application
5
10
Field Work
Quizzes / Studio Critiques
Homework / Assignments
4
40
Presentation / Jury
Project
Seminar / Workshop
Oral Exams
Midterm
1
20
Final Exam
1
30
Total

Weighting of Semester Activities on the Final Grade
70
Weighting of End-of-Semester Activities on the Final Grade
30
Total

ECTS / WORKLOAD TABLE

Semester Activities Number Duration (Hours) Workload
Theoretical Course Hours
(Including exam week: 16 x total hours)
16
2
32
Laboratory / Application Hours
(Including exam week: 16 x total hours)
16
2
Study Hours Out of Class
6
7
Field Work
Quizzes / Studio Critiques
Homework / Assignments
4
5
Presentation / Jury
Project
Seminar / Workshop
Oral Exam
Midterms
1
10
Final Exam
1
14
    Total
150

 

COURSE LEARNING OUTCOMES AND PROGRAM QUALIFICATIONS RELATIONSHIP

#
Program Competencies/Outcomes
* Contribution Level
1
2
3
4
5
1

To have adequate knowledge in Mathematics, Science, Computer Science and Software Engineering; to be able to use theoretical and applied information in these areas on complex engineering problems.

X
2

To be able to identify, define, formulate, and solve complex Software Engineering problems; to be able to select and apply proper analysis and modeling methods for this purpose.

X
3

To be able to design, implement, verify, validate, document, measure and maintain a complex software system, process, or product under realistic constraints and conditions, in such a way as to meet the requirements; ability to apply modern methods for this purpose.

X
4

To be able to devise, select, and use modern techniques and tools needed for analysis and solution of complex problems in software engineering applications; to be able to use information technologies effectively.

X
5

To be able to design and conduct experiments, gather data, analyze and interpret results for investigating complex Software Engineering problems.

X
6

To be able to work effectively in Software Engineering disciplinary and multi-disciplinary teams; to be able to work individually.

7

To be able to communicate effectively in Turkish, both orally and in writing; to be able to author and comprehend written reports, to be able to prepare design and implementation reports, to be able to present effectively, to be able to give and receive clear and comprehensible instructions.

8

To have knowledge about global and social impact of engineering practices and software applications on health, environment, and safety; to have knowledge about contemporary issues as they pertain to engineering; to be aware of the legal ramifications of Engineering and Software Engineering solutions.

X
9

To be aware of ethical behavior, professional and ethical responsibility; to have knowledge about standards utilized in engineering applications.

10

To have knowledge about industrial practices such as project management, risk management, and change management; to have awareness of entrepreneurship and innovation; to have knowledge about sustainable development.

11

To be able to collect data in the area of Software Engineering, and to be able to communicate with colleagues in a foreign language.

X
12

To be able to speak a second foreign language at a medium level of fluency efficiently.

13

To recognize the need for lifelong learning; to be able to access information, to be able to stay current with developments in science and technology; to be able to relate the knowledge accumulated throughout the human history to Software Engineering.

*1 Lowest, 2 Low, 3 Average, 4 High, 5 Highest