CSC2031 : Security and Programming Paradigms
- Offered for Year: 2023/24
- Module Leader(s): Dr John Mace
- Owning School: Computing
- Teaching Location: Newcastle City Campus
Semesters
| Semester 1 Credit Value: | 20 |
| ECTS Credits: | 10.0 |
Aims
All computer scientist graduates should have a good understanding of the issues and practicalities of security when designing and implementing systems. This module explores key security challenges faced by modern day software applications and gives students first-hand experience in implementing security mechanisms using different programming styles or paradigms to help address those challenges.
Outline Of Syllabus
1. Security and programming paradigm basics, software security principles and practice.
2. Introduction to Web development and Python Flask.
3. Data input, input validation, error handling.
4. Storing input, database configuration and interaction.
5. Cryptography basics, hashing passwords, encrypting stored data.
6. Authenticating users, multi-factor authentication, limiting login attempts, password management.
7. Authorisation, managing user access, Role Based Access Control, logging users activity.
8. Random numbers, randomness issues, cryptographically secure random numbers.
9. Transmitting data, HTTPS, security headers, digital signatures.
Teaching Methods
Teaching Activities
| Category | Activity | Number | Length | Student Hours | Comment |
|---|---|---|---|---|---|
| Guided Independent Study | Assessment preparation and completion | 10 | 1:00 | 10:00 | Exam and revision |
| Scheduled Learning And Teaching Activities | Lecture | 22 | 1:00 | 22:00 | PIP traditional lectures. Online equivalent could be provided |
| Guided Independent Study | Assessment preparation and completion | 55 | 1:00 | 55:00 | Programming based coursework |
| Guided Independent Study | Assessment preparation and completion | 11 | 1:00 | 11:00 | Lecture follow-up |
| Structured Guided Learning | Lecture materials | 2 | 1:00 | 2:00 | Non-sync lecture material to support lectures |
| Scheduled Learning And Teaching Activities | Practical | 22 | 2:00 | 44:00 | PiP in computer lab with practical teaching & drop-in surgery. Online sessions could be provided |
| Structured Guided Learning | Structured non-synchronous discussion | 11 | 1:00 | 11:00 | Non-sync discussion board with Q & A forum around lecture materials & assessment |
| Guided Independent Study | Independent study | 45 | 1:00 | 45:00 | Background reading |
| Total | 200:00 |
Teaching Rationale And Relationship
Teaching will be PIP but allow for a blended learning approach if needed where a mix of online and face-to-face lecture type activities will present the basic material, followed by substantial practical time during which the students will develop the skills to apply the techniques introduced through the lecture material
Assessment Methods
The format of resits will be determined by the Board of Examiners
Exams
| Description | Length | Semester | When Set | Percentage | Comment |
|---|---|---|---|---|---|
| Digital Examination | 120 | 1 | A | 40 | N/A |
Other Assessment
| Description | Semester | When Set | Percentage | Comment |
|---|---|---|---|---|
| Computer assessment | 1 | M | 60 | Programming-based coursework |
Assessment Rationale And Relationship
This is both a theoretical and practical subject area and therefore merits assessment via digital examination and coursework components.
N.B. This module has both “Exam Assessment” and “Other Assessment” (e.g. coursework). If the total mark for either assessment falls below 35%, the maximum mark returned for the module will normally be 35%.
Reading Lists
Timetable
- Timetable Website: www.ncl.ac.uk/timetable/
- CSC2031's Timetable