60 higher education credits in Computer and Information Science or Computer Science including 7.5 higher education credits in programming and

- the course DA297A: Database Technology and

- the course DA211A: Introduction to Studies in Computer Sciencealternatively DA154A: Introduction to Computer Sciencealternatively DA380A: Computer Science: Gaming Studies

Besides the formal requirements listed above it's also presumed that the student have knowledge from the course DA109A

The course is included in the main areas of Computer Science and Computer and Information Science and can be included in the degree requirements for computer science and in computer and information science.

• The digital environment
• Objectives of information security
• Models for threat and risk analysis
• User authentication and access control
• Malicious software and application attacks
• Protection mechanisms and security management
• Ethical perspectives on information security

Knowledge and understanding
After completing the course the student shall be able to:

• identify and describe threats and vulnerabilities to information resources in the digital environment
• identify and describe information security strategy and prioritize relevant security-enhancing mechanisms in the digital environment
• describe the fundamental concepts of access control and password protection

Skills and abilities
After completing the course the student shall:

• know and be able to relate to general principles and methods of information security
• analyze and evaluate risks in information security
• demonstrate proficiency in the development of security controls

Evaluation ability and approach
After completing the course the student shall be able to:

• demonstrate the ability to identify, discuss, and critically reflect on various aspects of information security and ethics based on concrete and current problem descriptions that affect the digital environment and society in general
• assess the current situation of an organization with regard to the threats, risks, and protection of information assets
• prioritize threats to information resources in the digital environment

The course consists of lectures, exercises in laboratory calculations, project work as well as independent studies.

Requirements for a passing grade are based on:

• Written exam (3 credits) – UV
• Laboratory assignments (2 credits) - UG
• Project work (2.5 credits) - UG

Requirements for a pass with distinction: Pass with distinction on the written exam, a passing grade on laboratory assignments and a passing grade on the project work.

• Stallings, William and Brown, Lawrie (2018),Computer Security: Principles and Practice, 4th Edition, Global Edition. Pearson Education Limited.

Reference literature:

• Anderson, Ross (2021),Security Engineering: A Guide to Building Dependable Distributed Systems, 3rd Edition.
• Chapple, Mike, Stewart Michael James & Gibson, Darril (2018),(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (Isc Official Study Guides), 8th Edition, Sybex.
• Gollmann, Dieter (2011),Computer Security, John Wiley & Sons, 3rd Edition.

The University provides students who are taking or have completed a course, the opportunity to share their experiences of and opinions about the course, in the form of a course evaluation that is arranged by the University. The University compiles the course evaluations and notifies the results and any decisions regarding actions brought about by the course evaluations. The results shall be kept available for the students. (HF 1:14)

When a course is no longer given, or the contents have been radically changed, the student has the right to re-take the examination, which will be given twice during a one year period, according to the syllabus which was valid at the time of registration.

This is a translation of a Swedish source text.