Foundations of Secure Development
Learning Objective:Comprehend basic security concepts and secure design principles and be able to relate the security fundamentals with real world software and hardware design practices. Outline how security is measured and be able to choose security tools for different scenarios. Distinguish Authentication, Authorization and Auditing (AAA) concepts and can apply various AAA techniques in given scenarios. Explain how cryptography is used to protect data security and articulate best practices when applying cryptography. Recognize different federal security standards and apply secure design principles to meet the compliance requirements.
This course provides a comprehensive introduction to the foundation of secure development. It is the gateway course into the Design for Security Badge program and is intended to provide a solid foundation in the topics necessary for future courses in this path.
Topics Covered:Basic information security concepts such as security, privacy, trust, threats, vulnerability and risk, followed by the introduction of security metrics. The course will also introduce the concept of authentication, authorization, audit and non-repudiation. Basic cryptography concepts will be reviewed and related to the secure development. Finally, the course will introduce industry specific compliances, such as PCI and HIPPA and various external security certifications.
Applied / Theory:50 / 50
Homework:Students are expected to participate in online discussions and hands-on assignments will be given.
Exams:Quizzes are given throughout the semester with a comprehensive final exam.
Textbooks:Official textbook information is now listed in the Schedule of Classes. NOTE: Textbook information is subject to be changed at any time at the discretion of the faculty member. If you have questions or concerns please contact the academic department.
1) Matt Biship (2018), Computer and Security (2nd Edition), Addison-Wesley Professional, ISBN: 978-0321712332 ;2) Kenneth Wyk and Mark Graff (2003), Secure Coding: Principles and Practices, O'Reilly, ISBN: 978-0596002428