This document provides an overview of the course schedule, feedback, and content for an information security course. It outlines the following: - The course schedule covers topics like access control, certificates, protocols, and security topics over several weeks. - Students provided feedback on wanting to learn both practical and abstract security principles, as well as careers in the field. - The instructor outlined the different aspects of security to be covered, including cryptography, protocols, communication security, and human issues. - Homework assignments include analyzing security requirements using the CIA model and reading the first chapter. A group exercise involves discussing assets and threats to a university.

1. SECURITY
24. huhtikuuta 14

2. CLASS SCHEDULE
Feedback
Course schedule
Aspects of security
Exercise for next week
24. huhtikuuta 14

3. FEEDBACK
Wish to learn abstract
principles for security
Wish to learn practical things
Like project based learning
Prefer traditional teaching
To learn more about Internet
security
Worried about flipped
classroom method
Enjoy team work
Traditional teaching outdated
Learn fundamentals of
information security
Security problems are
complex
Decent level of security
Access control
Good reading material
Protocol specific security
issues and how they were
fixed
What kind of jobs we can do
in this field
Wish: Discussion forum
24. huhtikuuta 14

4. MOODLE
All exercise related
information will be on
Moodle
Lecture slides will be on
Noppa
There is a discussion
forum in Moodle. If you
have questions about
course content, ask
them there, so that
others may benefit from
the answers too.
24. huhtikuuta 14

5. COURSE SCHEDULE
Week Tuesday Thursday
April 14 - April 20 Introduction Easter
April 21 - April 27 Easter What is security
April 28- May 4 Access control 1st May
May 5 - May 11 Access control 2 Incentive
May 12 - May 18 Certificates Protocols 1
May 19 - May 25 Protocols 2 Security topics
May 26 - June 1 Security topics
Lab work on securityLab work on security
24. huhtikuuta 14

6. WHAT IS SECURITY?
24. huhtikuuta 14

7. FRAMEWORK FOR
SECURITY
Policy,
mechanism,
assurance,
incentive
24. huhtikuuta 14

8. ASPECTS OF SECURITY
24. huhtikuuta 14

9. ASPECTS OF SECURITY
Communication securityInformation security
Human issues in security
24. huhtikuuta 14

10. ASPECTS OF SECURITY
Protocol security
Communication securityInformation security
Human issues in security
24. huhtikuuta 14

11. ASPECTS OF SECURITY
Protocol security
Protocol Analysis
Communication securityInformation security
Human issues in security
24. huhtikuuta 14

12. ASPECTS OF SECURITY
Cryptography
Protocol security
Protocol Analysis
Communication securityInformation security
Human issues in security
24. huhtikuuta 14

13. ASPECTS OF SECURITY
Cryptography
Cryptanalysis
Protocol security
Protocol Analysis
Communication securityInformation security
Human issues in security
24. huhtikuuta 14

14. ASPECTS OF SECURITY
Cryptography
Cryptanalysis
Protocol security
Protocol Analysis
Communication securityInformation security
Human issues in security
System security
24. huhtikuuta 14

15. ASPECTS OF SECURITY
Cryptography
Cryptanalysis
Protocol security
Protocol Analysis
Communication securityInformation security
Human issues in security
Security analysis
System security
24. huhtikuuta 14

16. ASPECTS OF SECURITY
Cryptography
Cryptanalysis
Protocol security
Protocol Analysis
Communication securityInformation security
Human issues in security
Security analysis
System security
Threat modeling
24. huhtikuuta 14

17. ASPECTS OF SECURITY
Cryptography
Cryptanalysis
Protocol security
Protocol Analysis
Communication securityInformation security
Human issues in security
Organization
security
Security analysis
System security
Threat modeling
24. huhtikuuta 14

18. ASPECTS OF SECURITY
Cryptography
Cryptanalysis
Protocol security
Protocol Analysis
Communication securityInformation security
Human issues in security
Organization
security
Process security
Security analysis
System security
Threat modeling
24. huhtikuuta 14

19. ASPECTS OF SECURITY
Cryptography
Cryptanalysis
Protocol security
Protocol Analysis
Communication securityInformation security
Human issues in security
Security
economics
Organization
security
Process security
Security analysis
System security
Threat modeling
24. huhtikuuta 14

20. ASPECTS OF SECURITY
Cryptography
Cryptanalysis
Protocol security
Protocol Analysis
Communication securityInformation security
Human issues in security
Security
economics
Organization
security
Process security
Security analysis
System security
Threat modeling
Access control
24. huhtikuuta 14

21. GROUP EXERCISE
Discuss and make a
presentation
what are the assets
that Aalto University
has to protect?
People affiliated with
Aalto: What
categories do they
belong to?
Where do the
potential security
threats come from?
24. huhtikuuta 14

22. HOMEWORK (1)
Read chapter 4 of the
book. There will be
classroom exercises based
on section 4.2 and
discussion on the rest of
chapter.
Write a lecture log about
this class (1-2 pages).
Deadline Monday 12 pm
(noon)
You can use the following
questions to help you:
what did you learn
about security and it’s
different parts during
class and pre-
assignment?
Was something difficult
to understand? What?
24. huhtikuuta 14

23. ACCESS CONTROL
EXERCISE
The CIA model (Confidentiality,
Intergrity, Availability) is a fairly
useful tool for analyzing the
security requirements in various
situations.
Deadline Monday 12 PM
1) Use the CIA model to analyze
the security requirements for the
following problems
a single (computer) file
containing the exam questions
for this course: a day before
the exam, when the exam
starts, and a day after the exam
a student's exam answers
a published research paper
an unpublished research paper
a teacher's slides for a course
2) Take a look at https://
oma.aalto.fi and check your
Personal Attributes for Aalto
Shibboleth authentication.
What is Shibboleth and how is
this information used?
Try to analyze what roles do
you have in Aalto?
24. huhtikuuta 14