ICT Security Basics from Trust to Blockchain (5 cr)
Code: ICT4HM103-3004
Basic information of implementation
- Enrollment
- 13.06.2022 - 21.10.2022
- Enrolment for the implementation has ended.
- Timing
- 24.10.2022 - 16.12.2022
- Implementation has ended.
- ECTS Credits
- 5 cr
- Campus
- Pasila Campus
- Teaching languages
- English
- Seats
- 15 - 25
- Degree programmes
- ATBUM Degree Programme in Aviation and Tourism Business
- LEBUM Degree Programme in Leading Business Transformation
- BUTEM Degree Programme in Business Technologies
- Teachers
- Tero Karvinen
- Groups
-
MAICTEInformation Services and Systems, Masters, Pasila
-
MAICTFICT-palvelut ja tietojärjestelmät, masterit, Pasila
-
EVENINGEvening implementation
-
MADIGEDigital Business Opportunities, Masters, Pasila
-
MADIGFDigitaalisen liiketoiminnan mahdollisuudet, masterit, Pasila
-
EXCHEXCH Exchange students
-
ONLINEOnline implementation
- Course
- ICT4HM103
Evaluation scale
H-5
Schedule
In course homepage, updated during the course.
- Organizing. Overview of the course. Fundamentals vs common attacks.
- Adversarial situation. The most common ways to attack companies
- Encryption. CIA tirad in encryption. Symmetric and asymmetric encryption.
- Hashing. Two way authentication.
- Practical encryption technieques.
- New applications for encryption.
- Bitcoin and cryptocurrencies. Incentives. Consensus.
Implementation methods, demonstration and Work&Study
Depending on the implementation, learning takes place in contact lessons, independent studies, teamwork and online-studies. The course includes the assessment of one’s own learning.
Theoretical instruction combined with practical demonstrations. Laboratory exercises in a computer lab. Independent work (reading and practice) and reporting. There are 25 machines and seats in the laboratory, so the number of participants is limited to this.
Recognition of prior learning (RPL)
If students have acquired the required competence in previous work tasks, recreational activities or on another course, they can show their competence via a demonstration. The demonstration must be agreed with the course teacher. More information and instructions for recognising and validating prior learning (RPL) are available at https://www.haaga-helia.fi/en/recognition-learning Look at "Instructions to students (master)"
Materials
Articles, videos and book chapters provided by teacher. Software is mostly free open source software used in the industry, with the aim of providing a fully licensed copy to student's use even after the course.
For example
- Schneier 2015: Applied Cryptography
- Santos et al 2017: Security Penetration Testing - The Art of Hacking Series
- MITRE: ATT&CK Enterprise Matrix.
- Felten et al 2015: Bitcoin and Cryptocurrency Technologies
- Schneier 1999: Modeling security threats
- Cryptopals
- Debian 11 Bullsyeye non-free
- Metasploitable
- Karvinen 2022: Cracking Passwords with Hashcat
Previous homework, student feedback, reading lists on https://terokarvinen.com/2021/trust-to-blockchain-2022/
Please note that this is not a penetration testing course, even if some of the exercises demonstrate similar techniques. If you want to learn penetration testing, have the time and technical background, consider my non-masters level course "Tunkeutumistestaus" in addition to this course.
Reading list is likely to change during the course. Paid content behind paywalls could be available for free using Haaga-Helia student access.
Teaching methods and instruction
ONLINE: Fully remote, mandatory participation to classes.
- Teaching in video conference
- Independent study, reading, summarizing, solving technical tasks and reporting, giving feedback to fellow students
- The assessment of one’s own learning 1 h
- Studying includes classes and exercises
Online course, fully remote. Requires active participation to classes in video conference, at the time marked in the timetable.
To participate, you'll need Internet connection, headphones, camera and a computer where you can install Linux on a virtual machine (with instructions). To be able to discuss pentest techniques, you must accept course rules.
Working life connections
Many participants are usually already working in the field, which hopefully leads to interesting discussions. No matter if you're a CEO, CIO, helpdesk worker (or not working with IT at all), you're welcome here.
Exam dates and re-exam possibilities
No exam.
Internationality
Likely international participation. It's possible to publish homework reports to talk to international audience. Course material is developed by authors from many countries, and some technical tools are multinational FOSS (Free, open source software) projects.
Learning assignments
- Active participation in the classes, including discussions and technical tasks
- Presentation
- Homework, including reporting technical tasks
- Cross evaluation of reports and giving helpful feedback to fellow students
Assessment methods
Homework reports, active participation in classes, cross evaluation, presentations.