You will take this course as part of the security specialization. The course will prepare you to develop software that must run reliably and securely in adversarial environments. You must have taken Security 1 and Security 2 as well as Discrete Mathematics and a programming course to be admitted to this course.
This is the advanced course in the Security specialization.
This course will cover advanced aspects of information security that will enable you to develop software that can run securely and reliably in adversarial environments. The course includes technical and social elements. The course is organized in six modules.
- Cryptographic protocols. In this module you will learn about cryptographic protocols, how to design them and how to ensure that they are actually secure.
- Accountability. In this module we discuss how to design protocols that are not only secure, but that have the property to be able to assign blame in the case something does go wrong.
- Information Flow Control. In this module you learn how to prove that a program preserves the confidentiality and integrity of information. You will see tools that help programmers write information-flow secure programs, and learn the theory that makes these tools possible.
- Usable Security. In this module you will learn how to secure not only the software, but entire process from creation to end-user usability paying particular attention to the operational environment in which the software will be used.
- Code Scanning. In this module we discuss tools to identify security vulnerabilities in your software automatically. You will learn the way these tools work and how to apply them.
- Attack Trees. This final module is about a technique that will allow you to think about possible attack vectors of socio-technical systems and how to evaluate them.
After the course, you will understand how security vulnerabilities are introduced into software and you will be able to use tools to eliminate them.
- Security 1
- Security 2
- Discrete Mathematics
- Introduction to Programming
Intended learning outcomes
After the course, the student should be able to:
- Create cryptographic protocols
- Analyze techniques to achieve accountability
- Analyze information flow control techniques
- Apply usability security design techniques
- Formulate real-world scenario using attack trees
Ordinary examExam type:
B: Oral exam, External (7-point scale)
B22: Oral exam with no time for preparation.