Design for Security
Capability in the design of systems that meet security goals is an increasingly important skill. This course explores how cost-effective solutions to security needs can be achieved by following well-established architectural practices and detailed security principles. Central to these considerations is meeting the requirements with established solutions, and striking a balance between security and other system requirements.
|16th February 2015||Oxford University Department of Computer Science||09 places remaining.|
|16th May 2016||Oxford University Department of Computer Science||11 places remaining.|
At the end of the course, students will
- know the strengths and weaknesses of different security design techniques
- be able to specify a security solution to fulfill specific design requirements
- Managing Security
- Enterprise business strategies; Promoting security; Information security policy;
- Security Requirements
- Motivation for security requirements; Security requirements artefacts; Specifying security requirements;
- Security Design Process
- Business continuity; Principles of security design; AEGIS design methodology;
- Security Architectures
- Security design patterns; Platform and channel security components; Enterprise security architectures;
- Designing Access Control
- Security and access control; Access control policy; Security policy models;
- Designing Secure Systems
- Security standards; Security decision-making; Design principles; Architecture principles; Security vs other architectural goals.
This course assumes a level of familiarity with basic security concepts and mechanisms. Security Principles would be an ideal preparation.