In order to build secure systems, appropriate methodologies must be used throughout the lifecycle, not least in the detailed implementation stage. This course takes a case study approach to topics such as buffer overflows, cryptographic libraries, sandboxing, code signing, network security, and code correctness, to build towards a toolkit of sound principles.
Objectives
At the end of the course, students will:
- understand the ways in which computer platforms can fail, and
- be able to specify ways in which these platforms can be hardened to protect them against attack.
Contents
- Abstraction & its Limitations
  - Evaluate how attacking the assumptions that systems are built on can be used to circumvent and break the security of the whole system. The extent to which good coding practice can mitigate this problem will also be reviewed.
- Virtualisation & Sandboxing
  - Describe common features of popular virtual machines and their effectiveness in overcoming the problems of abstraction.
- Security Infrastructures
  - Enabling trust in hardware, operating systems and services.
- Databases and Data Mining
  - Present and describe database security, focussing on practical access control measures, and going into detail about inferential and statistical attacks aimed at identifying confidential information.
- Network Security Architectures
  - Evaluate common practices in network security designs.
- Embedded & Mobile Systems
  - Present the needs and difficulties associated with securing embedded and mobile systems.
Requirements
The course assumes a level of familiarity with basic security concepts and mechanisms. Security Principles would be an ideal preparation.