ITKST50 Secure Systems Design (5 op)

Opinnon taso:
Syventävät opinnot
Arviointiasteikko:
0-5
Suorituskieli:
englanti
Vastuuorganisaatio:
Informaatioteknologian tiedekunta
Opetussuunnitelmakaudet:
2020-2021, 2021-2022, 2022-2023, 2023-2024

Kuvaus

Content


Managing Security: Enterprise business strategies; Promoting security; Information security policy;Security Requirements: Motivation for security requirements; Security requirements artefacts; Specifying security requirements;Security Design Process: Business continuity; Principles of security design; AEGIS design methodology;Security Architectures: Security design patterns; Platform and channel security components; Enterprise security architectures;Designing Access Control: Security and access control; Access control policy; Security policy models;Designing Secure Systems: Security standards; Security decision-making; Design principles; Architecture principles; Security vs other architectural goals.

Completion methods
Autumn 2022: Pass/Fail based on active in-course participation.

Class Activities 50%; Group Project 50%.


Assessment details
Autumn 2022: Pass/Fail based on active in-course participation.Class Activities 50%; Group Project 50%.


Osaamistavoitteet

Capability in the design of systems that meet security goals is an increasingly important skill. This course explores how cost-effective solutions to security needs can be achieved by following well-established architectural practices and detailed security principles. Central to these considerations is meeting the requirements with established solutions, and striking a balance between security and other system requirements.


Students learn how to identify the security requirements relevant to a given context. Students become familiar with the most common security flaws, treats and vulnerabilities. Students learn about the secure development Best Practices and techniques. Students become familiar with available secure design tools. Students discover available resources for secure systems development.

Esitietojen kuvaus

This course assumes that you have already completed your bachelor’s studies and you are currently doing your master’s or doctoral studies. This course also assumes, you’ve already studied basics about system development life-cycle and common development methods and practices. Basics of information security and common attacks, threats and vulnerabilities.

Oppimateriaalit

Publicly available online materials such as OWASP, US-CERT.

Kirjallisuus

  • Andress, Jason. The basics of information security: understanding the fundamentals of InfoSec in theory and practice. Syngress, 2014. ISBN: 9780128007440; Tipton, Harold F., and Kevin Henry, eds. Official (ISC) 2 guide to the CISSP CBK. Auerbach Publications, 2006. ISBN: 0849382319.; McGraw, Gary. Software security: building security in. Vol. 1. Addison-Wesley Professional, 2006. ISBN: 0321356705.

Suoritustavat

Tapa 1

Valitaan kaikki merkityt osat
Suoritustapojen osat
x

Osallistuminen opetukseen (5 op)

Tyyppi:
Osallistuminen opetukseen
Arviointiasteikko:
Hyväksytty - hylätty
Suorituskieli:
englanti

Opetus