IMT6021 - Foundations of Information Security


Examination arrangement

Examination arrangement: Assignment and Written examination
Grade: Passed/Failed

Evaluation form Weighting Duration Examination aids Grade deviation
Written examination 33/100 3 hours E
Assignment 67/100

Course content

-Security Analysis Models and Methods
-Foundations of Identification and Authentication
-Trust and Reputation Models
-Access Control Models and Foundational Results
-Security and Information Flow Models
-Developmental Assurance

Learning outcome

The module provides an overview over several foundational areas in information security. In doing so, the module seeks to provide a consistent narrative emphasising the need for thorough analysis of threats and vulnerabilities and the inclusion of assurance mechanisms and metrics over considering security mechanisms in isolation.The core of the module is given over to a rigorous discussion of security models and their relation to access control models with selected issues in identification and authentication and their required trust and reputation models also covered.

 On concluding the module, candidates

are able to analyse an information system's security relying on formal and semi-formal methods

can identify appropriate formal security and information flow models consistent with threat and risk analyses as well as security policies

are able to evaluate and conduct developmental assurance processes


 On concluding the module, candidates

will have an in-depth understanding of formal security models, particularly access control and information flow models

will be able to synthesise or analyse a formal or semi-formal system security analysis with emphasis on attack tree variant models

can articulate constraints and risks for identification and authentication mechanisms serving as a pre-requisite for formal security model

General Competence:
 On concluding the module, candidates

are able to assess formal and informal security models 

have formed an overview of the foundations of information security allowing to contextualise and frame discussions in the area

 will have developed the ability to link disjoint areas of information security, synthesising security models and realisations

Learning methods and activities

-Literature study and term paper

Compulsory requirements: None

Further on evaluation

Utfyllende om kontinuasjon:

Failing one part requires a re-sit of both parts, a new term paper must be provided.


Assessment consists of two parts; both parts must be passed to secure an overall 'Pass' grade:

Part I is a written examination (3 hours), accounting for 33% of grade. Candidates must achieve an 'A' or 'B' grade to gain the equivalent 'Pass' Grade in Part I. The written exam evaluated by internal and external examiners.

Part II is a term paper, accounting for 67% of grade. The term paper is evaluated by the lecturer on a Pass/Fail scale.

Specific conditions

Admission to a programme of study is required:
Computer Science (PHD-CS)
Information Security (PHD-IS)
Information Security and Communication (PHISCT)

Course materials

The following textbooks are the primary references; further recommended
reading is provided in the course syllabus.
-D. Gollmann: Computer Security, 3rd edition Wiley, 2011
-M. Bishop: Computer Security: Art and Science. Addison-Wesley, 2003.

More on the course



Version: 1
Credits:  5.0 SP
Study level: Doctoral degree level


Term no.: 1
Teaching semester:  AUTUMN 2020

Language of instruction: English

Location: Gjøvik

Subject area(s)
  • Informatics
Contact information
Course coordinator:

Department with academic responsibility
Department of Information Security and Communication Technology



Examination arrangement: Assignment and Written examination

Term Status code Evaluation form Weighting Examination aids Date Time Digital exam Room *
Autumn ORD Written examination 33/100 E
Room Building Number of candidates
Spring ORD Written examination 33/100 E
Room Building Number of candidates
Autumn ORD Assignment 67/100
Room Building Number of candidates
Spring ORD Assignment 67/100
Room Building Number of candidates
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU