University of Oxford Logo University of OxfordSoftware Engineering - Home
On Facebook
Follow us on twitter
Linked in
Linked in
Google plus
Google plus
Stumble Upon
Stumble Upon

Software and Systems Security

As computing systems become more essential to our daily lives, it becomes ever more important that the services they provide are available whenever we need them. We must also be able to rely on the integrity of the systems, and thus the information that they hold and provide. What is more, our society and our economy depend upon certain pieces of information being held in confidence.

We want to be assured that they will work exactly as expected, and that they will keep working – even in the face of disasters, accidents, or deliberate attempts to interfere with or prevent their function.

Achieving and maintaining security is a complex, interdisciplinary challenge. We must consider not only the software and hardware components of a system, but also the way in which these relate to the human processes and physical constraints of the real world. A modern security professional needs to understand principles of architecture, design, management, interoperability, and evolution, and to apply them effectively in a world of rapidly-changing technologies and expectations.

The Software and Systems Security Programme at the University of Oxford teaches these principles and their application. It offers a flexible programme of short courses to those working full time in industry or in the public sector. It addresses a wide range of subjects – from service architectures to forensics, from trusted platforms to risk analysis, and from human factors to incident management. It is accessible to anyone with the right combination of previous education and practical experience.

The courses on the Programme can be used as individual programmes of professional training in specific subjects, or as credit towards a Master of Science (MSc) degree in Software and Systems Security from the University of Oxford. Students on the MSc take between two and four years to complete a minimum of ten courses, typically at a rate of three courses per year, earning a degree while in full time professional employment. The courses may be taken in any order and combination, depending upon previous experience and education.

Each short course is based around a week of intensive teaching in Oxford, with some initial reading to consider beforehand, and a six-week assignment to complete afterwards. The teaching week allows you the chance to explore a subject in depth, with expert teaching and supervision, away from the demands of work and family. The reading gives you the opportunity to prepare yourselves; the assignment, an opportunity to deepen and to demonstrate your understanding.

Security Principles (SPR)

This course teaches the fundamental principles of information and systems security, and is often used as an introduction to the Programme. It explores a wide range of security technologies, examines security standards and expectations, and explains techniques for the evaluation of security requirements and solutions. It places theoretical work on protocol design, cryptography, and information flow firmly in the context of existing and emerging practice, with an emphasis upon integration and usability.

Secure Programming (SCP)

Many failures and vulnerabilities arise at the programming level. These are often due to inadequate handling of exceptional situations, poor understanding of the details of the programming language in use, and incomplete descriptions of the interfaces between components. This course aims to improve the practitioner's capability in writing and reviewing code, through a thorough understanding of static analysis, run- time assertion checking, and compile-time verification.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Trusted Computing Infrastructure (TCI)

A secure system is the product of numerous layers that operate together to provide in-depth protection. This course looks at the various platforms upon which a secure system operates, with an emphasis on practical and repeatable means of implementing these platforms securely. It examines roots and chains of trust, operating systems security, trusted platforms, and virtualisation for security. It shows how these are applied to secure networking, remote working, trusted storage, and remote computation in grids and clouds.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Design for Security (DES)

Security is a system-level property, and emerges from the coordinated design of components and processes. This course shows how a range of factors, from architectural patterns to detailed technical controls, can be considered together in the production of cost-effective solutions. It addresses the challenge of providing security, through a combination of infrastructure, mechanisms, and procedures, while satisfying requirements for functionality and usability.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Security Risk Analysis and Management (RIS)

The concept of risk is central to software and systems security. An understanding of the ways in which systems are exposed to different kinds of threat, and an appropriate assessment of likelihood and impact, can inform the selection and prioritisation of security measures. This course teaches a principled approach to risk analysis, explores the techniques and practices of risk management, and demonstrates their application through a realistic set of examples and case studies.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

People and Security (PAS)

Many failures in security can be attributed to human weakness, misunderstanding, misinformation, misdirection, or failure to grasp the importance of prescribed processes and procedures. The interaction between people and technology often presents a significant challenge to secure operation. This course teaches techniques drawn from human-computer interaction and psychology, addressing this challenge within the context of hard, technical implementation decisions.

Familiarity with basic security principles and standard mechanisms, as covered in Security Principles (SPR), is assumed.

Network Security (NES)

Networks are a potential vector for many forms of attack, and are an ideal location for threat mitigation and isolation technologies. This course teaches approaches to the prevention, detection, mitigation, and remediation of security problems in the network at each layer, as well as looking at cross-cutting concerns across a complete networking stack. It examines the strengths and weaknesses of boundary protections, intrusion detection and prevention, and privacy-preserving routing.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Cloud Security (CLS)

The provision of automated self-managed services – for software, platforms, and infrastructure –relieves local administration of many security concerns, yet also removes from them many of the tools and controls they expect to use, while introducing new threats and adversaries. This course reviews the architectural principles of cloud computing, describes the threats and security controls possible at each level of abstraction, and addresses cloud management services for trustworthy, secure, and resilient operation with minimal intervention.

Forensics (FOR)

The investigation of computer crime is a delicate, involved process that requires a deep understanding of the evidential standards expected in circumstances where electronic forensic data is to be used. This course describes the current best practice in understanding and deconstructing an attack whilst preserving evidence, and explores how to design and evaluate systems in order to facilitate forensic examination. It combines a strong overview of principles with some illustrative practical work, recovering data using necessarily low-level tools.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Data Security and Privacy (DAS)

New technologies make it possible to capture increasingly detailed, personal information: about customers, patients, and citizens. As new ways of linking and using this information emerge, so too do concerns about the security of the corresponding data. This course explores the potential impact of existing and future legislation upon data storage and processing, and presents practical approaches to the secure management of personal and other information in databases and applications.

Participants should have a basic understanding of computer security to the level provided by the Security Principles (SPR) course; participants should also have a basic understanding of relational databases to the level provided by the Database Design (DAT) course.

Security and Incident Management (SIM)

A key ingredient of successful security and risk programmes is effective management of security- related incidents. Incidents range from the small and predictable, which can be eliminated through operation controls, to the large and unpredictable, where standard management controls and mechanisms may not work. This course teaches the principles of incident management in practice and identifies key themes for effective response to the range of events and triggers that impact upon businesses, governments, and individuals.

Building Information Governance (BIG)

To govern information now requires mastery of a diverse, often international, portfolio of legal rules, technology standards, business policies and technology, all applied across increasingly complex, distributed systems and repositories. The increase scrutiny and requirements of official agencies and business partners impose new requirements for compliance documentation and transparency. This course introduces a structured design approach that enables strong, responsive, and resilient information governance to be incorporated into the design and management of digital assets.

Mobile Systems Security (MSS)

Mobile devices present distinctive challenges for security, including problems of device association, power constraints, and restricted interfaces. Mobile applications often incorporate both local and remote services, complicating the management and enforcement of security policies. This course presents a range of techniques for the design and implementation of secure mobile applications, balancing the requirements of functionality, security, resource utilisation, and privacy.

Security in Wireless Networks (SWN)

Wireless and mobile networks are familiar from everyday life, but present a distinctive mix of security challenges, as a result of trade-offs between power, cost, physical propagation characteristics, interfaces, modes of use, and management. Moreover, as they often are associated with the individual,they are often of central importance in concerns of privacy. The purpose of this course is to familiarise participants with threats, vulnerabilities,and security countermeasures of core technologies such as WLAN, Bluetooth, GSM, and UMTS, as well as new and emerging wireless technologies, such as ZigBee, wireless mesh networks, and RFIDs.

Understanding and Mitigating Malware (MAL)

Malware is increasingly becoming a key problem for organisations and Internet users. Cybercriminals infect computers with malware and use them for their own gain, for example by stealing sensitive financial information or corporate data. This ecosystem has become so profitable that an entire underground economy has emerged around it, in which specialised actors provide services to each other and collaborate towards the success of these criminal endeavours. In this course, we will cover malware and cybercriminal operations in detail, focusing on both the engineering and the social and economic aspects of malware operations. We will then introduce mitigation techniques against malware operations, and illustrate what an effective mitigation strategy against malware operations looks like.