School of Engineering and Technology, (SET) | ||||
AT83.04 : IoT Security 3(3-0) | ||||
Course objectives: | ||||
The objective of this course is to first familiarize the students with the security concepts relevant to deploying and developing applications involving Internet of Things then to give them opportunities to hone their skills in putting the concepts that they have learned into practice. |
||||
Learning Outcomes: | ||||
Students, on completion of this course, would be able to
|
||||
Pre-requisite(s): | ||||
Cloud computing |
||||
Course Outline: | ||||
I. Introduction to IoT Security 1. Common system architectures in practice 2. Azure IoT system architecture 3. Components in Azure IoT security infrastructure II. Goal-oriented security modelling 1. Asset identification 2. IoT threat modeling 3. Adversary’s goal 4. Adversary’s power III. Authentication 1. Cryptographic tools: hash functions, challenge-response protocols, key exchange protocols 2. Identity and access management 3. Multi-factor authentication IV. Authorization 1. Cryptographic tools: block ciphers, key-derivation functions 2. Session ID and tokens 3. Access control lists and role-based access control V. Accounting 1. Logging 2. Resource utilization and capacity planning 3. Trend analysis VI. Perimeter security 1. Network segmentation and access control 2. Network security appliances 3. Network logging VII. Data security 1. Cryptographic tools: symmetric encryption, message authentication codes, authenticated encryption, public-key encryption, digital signatures 2. Disk encryption 3. Database encryption 4. Key management VIII. NIST cybersecurity framework 1. Identification 2. Protection 3. Detection 4. Response 5. Recovery
|
||||
Learning Resources: | ||||
Textbook: | ||||
|
||||
Reference Books: | ||||
Ross Anderson. (2020), Security Engineering: A Guide to Building Dependable Distributed Systems, John Wiley & Sons, Inc., ISBN: 9780470068526. |
||||
Time Distribution and Study Load: | ||||
Lectures: 45 hours Assignments and projects: 45 hours Presentations: 3 hours Self study: 87 hours |
||||
Teaching and Learning Methods: | ||||
The Microsoft Azure cloud computing and IoT platform will be used as an environment in which the concepts are made concrete and the practical skills are acquired. |
||||
Evaluation Scheme: | ||||
The final grade will be computed according to the following components: midterm examination 25%, final examination 30%, assignments/presentation 10%, and project 35%. Open-book examination is used. In the evaluation, an “A” will be awarded if the student demonstrates an excellent level of understanding of the principles and demonstrates an excellent level of relevant skills and analytical ability. “B” will be awarded if the student demonstrates an average level of understanding of the principles and demonstrates an average level of relevant skills and analytical ability. “C” will be given if the student demonstrates a below average level of understanding of the principles and demonstrates a below average level of relevant skills and analytical ability. “D” will be given to indicate an acceptable but poor level of understanding, skills, and analytical ability.
|
||||
Instructor(s): | ||||
|
||||