Search Course Outline

The human aspect of cyber security and privacy engineering is relevant to commercial solution development and cyber security and privacy research. Sample topics: secure systems design; usable security systems evaluation; privacy-preserving software systems; threat modelling; economics of usable security and privacy; OWASP Top 10 vulnerabilities. Recommended preparation: 30 points from COMPSCI 313, 314, 320, 335, 340, 351, 702, 734, 742

Data security: confidentiality, integrity, availability. System security: prohibitions, permissions, obligations, exemptions. The gold standard of dynamic security: authentication, audit, authorisation. Governance: specification, implementation, assurance. Three-layer defence: prevention, detection, response. Control modalities: architectural, economic, legal, normative. System-centric analyses: attacks, threats, vulnerabilities, information flows. Owner-centric analyses: functionality, security, trust, distrust. Data-centric analyses. Security techniques: encryption, obfuscation, tamper resistance. System designs. Recommended preparation: 30 points from COMPSCI 313, 314, 320, 335, 340, 351, 702, 734, 742.

Data security: confidentiality, integrity, availability. System security: prohibitions, permissions, obligations, exemptions. The gold standard of dynamic security: authentication, audit, authorisation. Governance: specification, implementation, assurance. Three-layer defence: prevention, detection, response. Control modalities: architectural, economic, legal, normative. System-centric analyses: attacks, threats, vulnerabilities, information flows. Owner-centric analyses: functionality, security, trust, distrust. Data-centric analyses. Security techniques: encryption, obfuscation, tamper resistance. System designs. Recommended preparation: 30 points from COMPSCI 313, 314, 320, 335, 340, 351, 702, 734, 742.

Data security: confidentiality, integrity, availability. System security: prohibitions, permissions, obligations, exemptions. The gold standard of dynamic security: authentication, audit, authorisation. Governance: specification, implementation, assurance. Three-layer defence: prevention, detection, response. Control modalities: architectural, economic, legal, normative. System-centric analyses: attacks, threats, vulnerabilities, information flows. Owner-centric analyses: functionality, security, trust, distrust. Data-centric analyses. Security techniques: encryption, obfuscation, tamper resistance. System designs. Recommended preparation: 30 points from COMPSCI 313, 314, 320, 335, 340, 351, 702, 734, 742.

Data security: confidentiality, integrity, availability. System security: prohibitions, permissions, obligations, exemptions. The gold standard of dynamic security: authentication, audit, authorisation. Governance: specification, implementation, assurance. Three-layer defence: prevention, detection, response. Control modalities: architectural, economic, legal, normative. System-centric analyses: attacks, threats, vulnerabilities, information flows. Owner-centric analyses: functionality, security, trust, distrust. Data-centric analyses. Security techniques: encryption, obfuscation, tamper resistance. System designs. Recommended preparation: 30 points from COMPSCI 313, 314, 320, 335, 340, 351, 702, 734, 742.