Module Information

Many of the issues with the storing and handling of data are process-based. The data is not represented or stored appropriately, or ad hoc processes are used to
produce results, or insufficient thought is put into how the data is made available or to whom. The module will look at a range of issues related to performance and security in the context of computer systems. It will address not only confidentiality and privacy of data but also the integrity of data and guaranteeing reproducible
results.

1. Introduction to data handling: modelling, processing, and security. Case studies of issues in handling data. 4 hours.

2. Social,legal and professional issues with data and software. People in the system. Business drivers for software systems. Overview of relevant computer law. Quality Assurance and software engineering. Ideas of security, resilience, testing,maintenance. 8 hours.

3. Relational modelling and data storage. Persistent storage. Entities and relationships. Primary and foreign keys. Referential integrity. Relational algebra. Data normalisation. Overview of SQL. Validating a design. 8 hours.

4. Distributed systems, structure of the Internet and how it works: Internet architectures, domains, TCP/IP, OSI,Internet Security Protocols; Tunnelling; VPNs; network attack and defence; TLS; Non IP Protocols & Standards. 8 hours.

5. Application Security issues: Email,web, social networks, ORM, Database security, Big Data security, identity management, programming issues. Physical security. 6 hours.

6. Cryptography and system security: Cipher and algorithm types; applications to confidentiality, integrity and authentication; PKI AES and RSA; Key management; Digital Signatures. Authentication (secrets, tokens, biometrics); Access Control (MAC, DAC, RBAC) and Privilege management; 6 hours.