TDDD17 Information Security, Second Course
There are two labs in the course. The labs are not mandatory but
passing the labs gives extra credits for the exam. Each lab gives
The rules are as follows:
- You must pass both labs by March 6. Your last chance to hand in lab reports is March 6 at 17:00. No lab reports, additions, modifications or corrections will be accepted after this deadline. You should hand in your lab reports well before this deadline so that you have time to correct any minor problems there may be in the reports. Your reports will be evaluated by March 10 at 17:00 latest, and the result (PASS/NOT-PASSED) will be e-mailed to you.
- For each of the two labs that you PASS you will get 2 bonus in-depth points on the exam. You can thus get a maximum of 4 bonus in-depth points.
- Bonus points are valid for all three exam occasions during 2015.
If you want to do the labs you must register in Webreg. The deadline for lab registration is January 21.
Each lab will take about four occasions to finish, but some of you may need extra time so use the time well. Note that there will not be a supervisor available on all lab occasions.
You must work in pairs of two on the labs.
Note: Three lab occasions will be supervised. The rest of the time you will work on your own (in pairs).
|Fri||23/1||10-12||SU10, SU11||Lab 1 - Authentication: Supervised by Ulf Kargén.|
|Mon||26/1||15-17||SU10, SU11||Lab 1 - Unsupervised|
|Mon||2/2||15-17||SU10, SU11||Lab 1 - Unsupervised|
|Mon||9/2||15-17||SU10, SU11||Lab 1 - Authentication: Supervised by Ulf Kargén|
|Tue||10/2||8-10||SU10, SU11||Lab 1 and 2: Unsupervised|
|Tue||17/2||8-10||SU10, SU11||Lab 2 - Firewalls: Supervised by Marcus Bendtsen|
|Fri||20/2||10-12||SU10, SU11||Lab 2: Unsupervised|
|Fri||27/2||10-12||SU10, SU11||Lab 2: Unsupervised|
|Mon||2/3||15-17||SU10, SU11||Lab 2: Unsupervised|
|Tue||3/3||08-10||SU10, SU11||Lab 2: Unsupervised|
In this lab you will get hands-on experience with implementing authentication and authorization in web apps.
Goals of this lab:
- Understand how authentication and authorization with OpenID Connect works
- Design and implement your own authentication method
Prerequisites: Programming experience. (Some experience with web programming is strongly recommended, but not strictly required.)
Report: Hand in your written report containing diagrams and answers to questions. Hand in your well-commented code and demonstrate your solution. Send your lab solutions to Ulf Kargén via e-mail.
Lab instructions: tddd17-AUTH-lab.pdf
In this lab you will set up a Linux-based system as a firewall, according to a network security policy provided to you. The implementation will be done using a virtual Linux network designed to mimic a fairly typical corporate network scenario.
Practical information: You will be located in the SU-rooms or somewhere else and work remotely on a server named Marsix to which you connect by following the lab instructions. During setup you will be asked to provide a group number. Use your Webreg group number (found in the leftmost column when you register in Webreg). Note that it is very important to use the correct group number to avoid network conflicts with other groups.
Goals of this lab:
- Get hands-on experience implementing a network security policy
- Get hands-on experience testing a firewall
Prerequisites: This lab assumes that you know how to use a Unix-like operating system from the command line, and that you know the TCP/IP protocols well.
Report: Hand in the answers to the questions in the lab instructions to Marcus Bendtsen via e-mail. (Marcus will be your lab assistant for the firewall lab.)
Lab instructions: tddd17-FW-lab.pdfQuick guide to Linux/mln/XServer: tddd17-mln-guide.pdf
This short manual contains solutions to common problems with the virtual machines, an introduction to Linux commands and some advice to you who want to do your labs from a Windows machine.
Page responsible: Nahid Shahmehri
Last updated: 2015-01-15