Computer Science and
     Software Engineering

Computer Science and Software Engineering

Postgraduate Diploma in Science (Computer Security and Forensics) (2011)

Postgraduate study in the area of Computer Security and Forensics has been introduced in order to provide specialised study for those students with an interest in areas such as computer security, security management, cryptography, computer forensics and related areas. While most postgraduate courses are based upon a broad range of papers, this program of study is targeted at students who wish to specialise more specifically in these areas of computing.

Specialisation in Computer Security and Forensics is designed for candidates wishing to gain employment in network security and forensics related areas such as with public and private security agencies, computer companies and consultancies, police forces, the military services, and other government agencies etc. This program provides both theory and practice. It will enable students to gain the skills to develop a management security policy for organisations, design a secure wireless or wired computer network, develop secure Internet software, manage a forensic case and understand and perform detailed technical analyses of computer-based evidence, as well as many other aspects of computer and data security. It will further provide extensive understanding of security-based architectures as well as developing skills in the use of tools to test and evaluate such systems.

The courses build upon the undergraduate work in network and data security covered in COSC332 (Data and Network Security), so majoring students should have taken this course, or an equivalent course from other Universities. Students enrolling in postgraduate study in Computer Security and Forensics will take the six papers listed below and make up the remainder (to a total of eight) from additional COSC400 level papers or MATH409 (Cryptography). A student's background and specific interests and skills will likely influence the specific papers selected

Students enrolling in the Postgraduate Diploma in Science, Graduate Diploma in Science, honours and masters may take up to three of these papers. Note however that specialisation may limit the range of supervisors available for more advanced study (e.g. Masters Part 2). If you are accepted to proceed to Masters (Part 2) then you would likely do a project in an area of interest and specialisation identified during the study of these core papers.

In all cases it is important to seek advice from the Department and, as with all postgraduate study; the final set of papers must be confirmed by the Head of Department.

A pdf version of this document is available for download here.

Primary Papers

Semester 1

COSC 407   Wireless and Mobile Network Security
COSC 425   Computer and Network Forensics A
COSC 430   Information Security and Access Management

Semester 2

COSC 424   Secure Software
COSC 429   Cybersecurity
COSC 435   Computer and Network Forensics B

Two additional papers to be selected from:

MATH 409   Cryptography
Other COSC 400-level papers

Specific prerequisites may also apply. For example students must have passed MATH221 (Algebra & Cryptography) in order to take MATH 409 (Cryptography).

Teaching Staff

In 2011, lecturers in this program are drawn from the academic staff of the Department of Computer Science and Software Engineering as well as a variety of industry security experts and specialists with 20-25 years experience in software security, identity and access management. The variety of both academic and industry backgrounds in the teaching staff is intended to provide students with a sound range of theoretical and practical skills which will equip them for work in the industry or, in some cases, for further study and research.

For further general information please contact admin@cosc.canterbury.ac.nz.

For information specific to the content of these papers please contact Ray Hunt, Tel 03-3642347 or e-mail ray.hunt@canterbury.ac.nz.

Overview of papers

Semester 1

COSC407 Wireless and Mobile Network Security

This course is designed to build on the work of COSC331 (Data Communications and Networks) and COSC332 (Data and Network Security) which are recommended prerequisites. It is also designed to be taken in conjunction with COSC425 Computer and Network Forensics A and COSC430 Information Security and Access Management as well as other papers from the Post Graduate Diploma in Computer Security and Forensics Group.

This course is intended to provide students with greater depth of study on a number of key topics in the area of Wireless and Mobile IP Network Security. The course will provide a study of key security systems appropriate for TCP/IP, wireless mobile and multimedia networks and will include topics such as security in Wireless Personal Area Networks (WPANs including Bluetooth Networks), Wireless Local Area Networks (WiFi WLANs) Wireless Wide Area Networks (4G networks), WiMAX wireless broadband access networks and MANs (Metropolitan Area Networks).

Students will undertake practical work involving a set of practical laboratory experiments involving wireless LAN security.

  • Management issues in wireless and mobile networks
    • Wireless security management framework, policy-based network management
  • Security in Local Area Wireless Networks (802.11x)
    • Evolution from WEP through WPA, WPA2 and EAP
  • Security in Metropolitan Wireless Access Networks (WiMAX)
    • Infrastructure, interworking, Quality of Service and security issues
  • Security in Personal Area Networks (PANs) – Bluetooth
    • Interoperability, link management, attacks on Bluetooth networks
  • Security in Wide Area Mobile 3G Networks (UMTS, cdma2000)
    • 3G/UMTS security framework, attacks on 3G Networks, WAP2, IPSec VPNs
  • Security case studies.

COSC 425 Computer and Network Forensics A

This course is designed to build on the work of COSC331 and COSC332 which are recommended prerequisites. It is also designed to be taken in conjunction with COSC407 Wireless and Mobile Network Security and COSC430 Information Security and Access Management as well as other papers from the Post Graduate Diploma in Computer Security and Forensics Group. This covers the social, legal and technical aspects of cyber crime as well as the forensic techniques required to combat them.

This course is intended to provide students with greater depth of study on a number of key topics in the area of computer security in society: cybercrime, computer and network forensics, and financial forensics. The course involves significant practical work involving the development and use of forensics analysis tools as well as written assignments.

Topics include:

  • Accounting Forensics
  • Sarbanes-Oxley Financial and Accounting Disclosure Information
  • Computer Crime and Criminals
  • Computer Forensics
  • Network Forensics
  • Forensics Tools
  • Liturgical Procedures

COSC 430 Information Security and Access Management

COSC430 builds on COSC332: Data and Network Security through a combination of case studies of information security management issues, incidents and examples, plus research and application of current best practices and standards. The focus of this course is on security management and identity and access processes and the business context of information security.

This course covers the issues and processes involved with managing the security of computer systems and networks. Identity and access control is crucial for the satisfactory operation of modern computer networking systems.

The basic components of security management cover the following topics:

  • Assessing and managing security risks
  • Developing security policies and plans
  • Evaluating, validating and certifying the security of IT operations and systems
  • Ongoing security management and governance
  • International standards and frameworks, including ISO/IEC27001: Information Security Management, SABSA and COBIT.
  • Managing for changes in technologies, environments and business needs.

This course will also focus on identification and authentication at multiple levels ranging from the business context to security technologies and techniques as used in fixed and wireless networks. It also introduces students to some current practices for implementing Identity Management Solutions across an enterprise. This includes the security management of access control across multiple applications and systems, and the security management of authentication models and protocols across such systems in a distributed environment.

This course will discuss the application of authentication models and protocols used in electronic payment systems covering EFTPOS, ATM and Mobile applications. It will also describe different types of authentication and authorisation servers. The course will also cover different types of authentication factors including token, smartcards and biometric techniques used for authentication. These identity and access security management topics include:

  • Basic concepts identity and access management
  • Integrity, Non-repudiation and Confidentiality, Authentication, Access Control
  • Names and Directories, Digital Rights Management, Interoperability Standards
  • Federating Identity and Architecture for Digital Identity
  • Models, Architecture, Interoperability and Policies
  • Payment infrastructure, identity in banking industry, chip cards, smart cards, RFID, mobile commerce

 

Semester 2

COSC 424 Secure Software

This course is designed to build on the work of COSC331 and COSC332 which are recommended prerequisites. It is also designed to be taken in conjunction with COSC435 Computer and Network Forensics B and COSC429 CyberSecurity as well as other papers from the Post Graduate Diploma in Computer Security and Forensics Group.

This course is concerned with designing and implementing secure operating system and application software, that is, software that is not vulnerable to malicious attacks. By the end of the course, students should be familiar with why security is important, what types of vulnerabilities can be present in software, how they can be exploited, and how to go about developing software that is sufficiently secure. The course involves significant practical work as well as written assignments.

The course explains some of the most common security issues involved in the development of software, including secure coding practices, secure database access, secure data communications, security of web applications, use of encryption techniques and security testing and evaluation.

Design of secure web service infrastructure including topics such as: security requirements definition, system specification, security procedure definition and security management and audit, threat and vulnerability analysis, information leakage, integrity violation, Denial of Service (or - how to build a secure web-based infrastructure!). Security of web server design is an important part of this course.

Topics include:

  • Types of vulnerabilities and how they arise
  • Best software development principles and practices
  • Goals of secure and trusted software
  • Exploitation of vulnerabilities, e.g. buffer overflows etc
  • Principles of security architecture, e.g. input validation, principles of least privilege etc
  • Design and implementation of secure web servers
  • Design and implementation of secure applications
  • Secure operations (Security features are not necessarily secure features)
  • Use of encryption and authentication
  • Automation and testing

COSC 435 Computer and Network Forensics B

This course is designed to build on the work of COSC331 and COSC332 which are recommended prerequisites. It is also designed to be taken in conjunction with COSC424 Secure Software and COSC429 CyberSecurity as well as other papers from the Post Graduate Diploma in Computer Security and Forensics Group. This course provides students with an understanding of Digital (Computer) Forensics, Network Forensics including theory, tools and application of forensic techniques.

This course is intended to provide students with greater depth of study on a number of key topics in the area of computer security in society: cybercrime, computer and network forensics, and financial forensics. The course involves significant practical work involving the development and use of forensics analysis tools as well as written assignments.

Topics include:

  • Accounting Forensics
  • Sarbanes-Oxley Financial and Accounting Disclosure Information
  • Computer Crime and Criminals
  • Computer Forensics
  • Network Forensics
  • Forensics Tools
  • Liturgical Procedures

COSC 429 Cybersecurity

This course is designed to build on the work of COSC331 and COSC332 which are recommended prerequisites. It is also designed to be taken in conjunction with COSC424 Secure Software and COSC435 Computer and Network Forensics B as well as other papers from the Post Graduate Diploma in Computer Security and Forensics Group.

This course is intended to provide students with an introduction to the subject of Cybersecurity and its role in contemporary military thinking, and to understand the scope and limitations of information operations. The course involves significant practical work as well as written assignments.

Topics include:

  • Society and Computers
  • The Revolution in Military Affairs
  • Information Superiority
  • Information Operations
  • Firewalls and Perimeter Defense
  • Computer Network Attack
  • Signals Exploitation and Cryptography

Additional Paper

MATH 409 Cryptography

Cryptography is the science of making and breaking secret codes: encryption is what keeps our credit card details safe when we send them over the internet. In this course we will study the mathematics behind some of the main encryption systems in current use. These systems draw on ideas from algebra, geometry, number theory and probability theory. The course is aimed at students majoring in computer science, mathematics or postgraduate study in Computer Security and Forensics. Although the core lectures are those for MATH391, those students taking the course as MATH409 will have additional material to study under the lecturer's direction, and will have harder assessment questions than those for MATH391. Students need to have already passed MATH221 (Algebra and Cryptography).

Other COSC400 level papers available here.