Course - ICT-Security Evaluation - TM8104
TM8104 - ICT-Security Evaluation
Lessons are not given in the academic year 2013/2014
The course is about principles and methods for development of criteria for ICT security evaluation and how these are used to evaluate security.
Example topics are: protection profiles (PPs),security targets (STs), security functionality, functionality classes, assurance correctness, assurance effectiveness, evaluation assurance levels (EALs), certification, accreditation, standardisation of evaluation criteria, national scheme for evaluation and certification.
A. Knowledge: After having completed the course, the students shall have obtained basic knowledge of the principles and methods which are employed for evaluation of the security of an ICT product or service
B. Skills: To be able to perform a security evaluation based on the requirements expressed in the international standard ISO/IEC IS 15408 Evaluation Criteria for IT Security, Parts 1/3 and the methods described in CEM
Learning methods and activities
Lectures, colloquia, discretionary exercises. If postponed exam (continuation exam) is used, an oral exam may be used as opposed to the normal written exam.
The grading rule is pass/fail. The minimum passing grade is 70/100 points (70%).
Recommended previous knowledge
Master Degree in ICT with emphasis on information security.
Internationally standardised criteria for ICT Security evaluation (ISO 15408, Part 1-3, ISO 27001), security evaluation methodology (CEM).
Credits: 7.5 SP
Study level: Doctoral degree level
Language of instruction: English
- Communication and Information Science
Department with academic responsibility
Department of Information Security and Communication Technology
- * The location (room) for a written examination is published 3 days before examination date.
For more information regarding registration for examination and examination procedures, see "Innsida - Exams"