This unit will present the lessons from recent research and from case studies of practice to bring students the skills to assess and improve the security of deployed systems. A particular focus is on data-driven approaches to collect operational data about a systems security. We explore deployment issues at local and global scale, e. g. for X. 509, DNS, and BGP, and also take human factors explicitly into account. As a result, students will learn to put building blocks of security together in a sound way, to arrive at engineering solutions that are empirically verifiable, functional, and secure against realistic threats. As Dan Geer once famously said: Any security technology whose effectiveness cant be empirically determined is indistinguishable from blind luck.
|Academic unit||Computer Science|
|CSEC3616 or INFO3616 or ELEC5616|
|Enrolment in a thesis unit. INFO4001 or INFO4911 or INFO4991 or INFO4992 or AMME4111 or BMET4111 or CHNG4811 or CIVL4022 or ELEC4712 or COMP4103 or SOFT4103 or DATA4103 or ISYS4103|
The learning outcomes for this unit will be available two weeks before the first day of teaching.
Unit outlines will be available 1 week before the first day of teaching for the relevant session.