ITKST50 Secure Systems Design (5 op)

Content

Managing Security: Enterprise business strategies; Promoting security; Information security policy;Security Requirements: Motivation for security requirements; Security requirements artefacts; Specifying security requirements;Security Design Process: Business continuity; Principles of security design; AEGIS design methodology;Security Architectures: Security design patterns; Platform and channel security components; Enterprise security architectures;Designing Access Control: Security and access control; Access control policy; Security policy models;Designing Secure Systems: Security standards; Security decision-making; Design principles; Architecture principles; Security vs other architectural goals.

Capability in the design of systems that meet security goals is an increasingly important skill. This course explores how cost-effective solutions to security needs can be achieved by following well-established architectural practices and detailed security principles. Central to these considerations is meeting the requirements with established solutions, and striking a balance between security and other system requirements.

Students learn how to identify the security requirements relevant to a given context. Students become familiar with the most common security flaws, treats and vulnerabilities. Students learn about the secure development Best Practices and techniques. Students become familiar with available secure design tools. Students discover available resources for secure systems development.