CE 304 | Course Introduction and Application Information

Course Name
Operating Systems Security
Code
Semester
Theory
(hour/week)
Application/Lab
(hour/week)
Local Credits
ECTS
CE 304
Fall/Spring
2
2
3
5

Prerequisites
None
Course Language
English
Course Type
Elective
Course Level
First Cycle
Course Coordinator -
Course Lecturer(s) -
Assistant(s) -
Course Objectives The objective of this course is to teach the students security related details of most widely used operating systems, threat analysis, and countermeasures agaist the threats.
Course Description The students who succeeded in this course;
  • will be able to classify security issues of operating systems and their critical dependence factors,
  • will be able to specify methods needed to analyze and discover threats against operating systems,
  • will be able to identify techniques and tools needed to implement countermeasures against threats,
  • will be able to apply different protection mechanisms,
  • will be able to analyze security of a system.
Course Content A study of technical security policies, models, and mechanisms for confidentiality, integrity, and availability with respect to operating systems from an engineering point of view.

 



Course Category

Core Courses
Major Area Courses
Supportive Courses
Media and Management Skills Courses
Transferable Skill Courses

 

WEEKLY SUBJECTS AND RELATED PREPARATION STUDIES

Week Subjects Related Preparation
1 Introduction, basic terms & concepts in information security & related legal issues Preliminary study 1
2 Basics of OS Security; concepts, general & common problems, threats, countermeasures Preliminary study 2
3 Access controls & methodologies, IAAA in OS & relevant technologies & applications in today’s world Preliminary study 3
4 Centralized / decentralized IAAA solutions, different IAAA architectures in secure OS Preliminary study 4
5 Audit & monitoring in OS Preliminary study 5
6 Intro to cryptography, protection of assets, data, systems in OS with today’s best practices Preliminary study 6
7 Secure system management; models, solutions, various technologies Preliminary study 7
8 Midterm
9 Opensource architecture & approach and its relation with information security & OS security Preliminary study 8
10 IAAA differences of Linux vs. Windows architectures Part I Guide to Operating Systems Security, Michael Palmer
11 IAAA differences of Linux vs. Windows architectures Part II Guide to Operating Systems Security, Michael Palmer
12 Network related issues in OS Security Part I Guide to Operating Systems Security, Michael Palmer
13 Network related issues in OS Security (including cryptographic basics) Part II Guide to Operating Systems Security, Michael Palmer
14 Related vulnerabilities, threats & countermeasures (DOS attacks, malicious codes, XSS, rootkits, JavaScript, SQL, Ajax, .Net, Apache, IIS, etc) Part I Guide to Operating Systems Security, Michael Palmer
15 Related vulnerabilities, threats & countermeasures (DOS attacks, malicious codes, XSS, rootkits, JavaScript, SQL, Ajax, .Net, Apache, IIS, etc) Part II Guide to Operating Systems Security, Michael Palmer
16 Review of the Semester  

 

Course Notes/Textbooks Guide to Operating Systems Security, Michael Palmer, Publisher: Thomson, 2003 (2004 2nd ed), ISBN 13: 9780619160401©2004, ISBN 10: 0619160403
Suggested Readings/Materials Maximum Linux Security (2nd Edition), John Ray, Sams, 2 Pap/Cdr edition, 2001, ISBN10: 0672321343, ISBN13: 9780672321344 Hacking Exposed Windows Server 2003, Joel Scambray & Stuart McClure, McGrawHill Osborne Media, 2006, ISBN10: 0072230614, ISBN13: 9780072230611 CISSP Textbook, Vallabhaneni, S.Rao, SRV Pro Publications, 2002, ASIN: B0006S7QN0 ISO27001:IEC, British Standards Institution, 2005 Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, et al, McGrawHill Osborne, Fourth Edition, 2003, ISBN 0072227427 Applied Cryptography: Protocols, Algorithms, and Source Code in C, Schneier, Bruce, Second Edition, 1998, ISBN 0471117099 Hacking Exposed Web Applications, Scambray, Joel, et al, Second Edition, McGrawHill Osborne, 2006, ISBN 0072262990

 

EVALUATION SYSTEM

Semester Activities Number Weigthing
Participation
Laboratory / Application
5
10
Field Work
Quizzes / Studio Critiques
Homework / Assignments
4
40
Presentation / Jury
Project
Seminar / Workshop
Portfolios
Midterms / Oral Exams
1
20
Final / Oral Exam
1
30
Total

Weighting of Semester Activities on the Final Grade
70
Weighting of End-of-Semester Activities on the Final Grade
30
Total

ECTS / WORKLOAD TABLE

Semester Activities Number Duration (Hours) Workload
Course Hours
Including exam week: 16 x total hours
16
2
32
Laboratory / Application Hours
Including exam week: 16 x total hours
16
2
Study Hours Out of Class
6
7
Field Work
Quizzes / Studio Critiques
Homework / Assignments
4
5
Presentation / Jury
Project
Seminar / Workshop
Portfolios
Midterms / Oral Exams
1
10
Final / Oral Exam
1
14
    Total
150

 

COURSE LEARNING OUTCOMES AND PROGRAM QUALIFICATIONS RELATIONSHIP

#
Program Competencies/Outcomes
* Contribution Level
1
2
3
4
5
1 Adequate knowledge in Mathematics, Science and Software Engineering; ability to use theoretical and applied information in these areas to model and solve Software Engineering problems X
2 Ability to identify, define, formulate, and solve complex Software Engineering problems; ability to select and apply proper analysis and modeling methods for this purpose X
3 Ability to design, implement, verify, validate, measure and maintain a complex software system, process or product under realistic constraints and conditions, in such a way as to meet the desired result; ability to apply modern methods for this purpose
4 Ability to devise, select, and use modern techniques and tools needed for Software Engineering practice
5 Ability to design and conduct experiments, gather data, analyze and interpret results for investigating Software Engineering problems
6 Ability to work efficiently in Software Engineering disciplinary and multi-disciplinary teams; ability to work individually
7 Ability to communicate effectively in Turkish, both orally and in writing; knowledge of a minimum of two foreign languages
8 Recognition of the need for lifelong learning; ability to access information, to follow developments in science and technology, and to continue to educate him/herself
9 Awareness of professional and ethical responsibility
10 Information about business life practices such as project management, risk management, and change management; awareness of entrepreneurship, innovation, and sustainable development
11 Knowledge about contemporary issues and the global and societal effects of engineering practices on health, environment, and safety; awareness of the legal consequences of Software Engineering solutions

*1 Lowest, 2 Low, 3 Average, 4 High, 5 Highest