Design for Security
Capability in the design of systems that meet security goals is an increasingly important skill. This course explores how cost-effective solutions to security needs can be achieved by following well-established architectural practices and detailed security principles. Central to these considerations is meeting the requirements with established solutions, and striking a balance between security and other system requirements.
Frequency
This course normally runs twice a year.
Course dates
13th January 2025 | Oxford University Department of Computer Science - Held in the Department | 07 places remaining. |
6th October 2025 | Oxford University Department of Computer Science - Held in the Department | 15 places remaining. |
15th June 2026 | Oxford University Department of Computer Science - Held in the Department | 17 places remaining. |
Objectives
At the end of the course, students will
- know the strengths and weaknesses of different security design techniques
- be able to specify a security solution to fulfill specific design requirements
Contents
- Managing Security
- Enterprise business strategies; Promoting security; Information security policy;
- Security Requirements
- Motivation for security requirements; Security requirements artefacts; Specifying security requirements;
- Security Design Process
- Business continuity; Principles of security design; AEGIS design methodology;
- Security Architectures
- Security design patterns; Platform and channel security components; Enterprise security architectures;
- Designing Access Control
- Security and access control; Access control policy; Security policy models;
- Designing Secure Systems
- Security standards; Security decision-making; Design principles; Architecture principles; Security vs other architectural goals.
Requirements
This course assumes a level of familiarity with basic security concepts and mechanisms. Security Principles would be an ideal preparation.