spring 2024
INF-2310 Computer Security - 10 ECTS

Type of course

The course can be taken as a singular course. The course is given every spring semester.

Admission requirements

Admission requirements: Higher Education Entrance Qualification + specific entrance requirements equivalent to MATRS: R1/(S1+S2). Application code: 9354 - Singular course in computer science.

Course overlap

If you pass the examination in this course, you will get an reduction in credits (as stated below), if you previously have passed the following courses:

INF-2301 Computer communication and security 5 ects
INF-2310 Security in distributed systems 5 ects

Course content

The course will provide an introduction to the general principles of computer security from an applied viewpoint. Topics include common cyber-attacks, techniques for identifying and defending against vulnerabilities in computers and networks, the fundamental building blocks of secure systems, security principles for commonly used items, and human, social, and economic aspects of computer security. The course will focus on security issues related to software exposed to network communication, particular in modern web applications.

Recommended prerequisites

INF-1101 Data structures and algorithms, INF-2300 Computer Communication

Objectives of the course

Knowledge - The candidate has knowledge of

  • general principles, goals, and abstractions for cybersecurity (e.g., confidentiality, availability, integrity, assurance, anonymity, authenticity);
  • concepts of risk, threats, vulnerabilities, and attack vectors;
  • basic cryptography and cipher types;
  • basic authentication and key exchange protocols, including Diffie-Hellman;
  • the access control matrix;
  • public-key infrastructures, digital signatures, and certificates;
  • web authentication protocols; and
  • cross-site scripting vulnerabilities and the same-origin policy for JavaScript executing in browsers.

Skills - The candidate can

  • analyze software artifacts in terms of confidentiality, integrity, and availability;
  • use cryptographic tools to send and receive messages over the Internet;
  • use digital signatures;
  • authenticate remote principals in web servers; and
  • identify and avoid common security vulnerabilities.

General competence - The candidate can

  • analyze and document computer systems and protocols;
  • participate actively in professional discussions (oral or written);
  • develop robust and secure software systems; and
  • apply security-by-design principles.

Language of instruction and examination

The language of instruction is English, and the syllabus material is in English. The examinations will also be in English but can be answered either in English or a Scandinavian language.

Teaching methods

Lectures: 30 hours, Colloquium: 30 hours, Laboratory: 30 hours.

Information to incoming exchange students

This course is available for inbound exchange students.

This course has recommended academic prerequisites. Please see the «Prerequisite» section for more information.

Do you have questions about this module? Please check the following website to contact the course coordinator for exchange students at the faculty: INBOUND STUDENT MOBILITY: COURSE COORDINATORS AT THE FACULTIES | UiT



Examination: Date: Duration: Grade scale:
School exam 29.05.2024 09:00
4 Hours A–E, fail F

Coursework requirements:

To take an examination, the student must have passed the following coursework requirements:

Written assignments Approved – not approved
UiT Exams homepage

More info about the coursework requirements

5 written assignment, individually graded "approved" / "not approved".

Re-sit examination

The re-sit exam is offered for those who did not get a passed grade on the last ordinary examination. It will be arranged a 4 hour written exam counting 100%.
  • About the course
  • Campus: Tromsø |
  • ECTS: 10
  • Course code: INF-2310
  • Earlier years and semesters for this topic