CSCI-B 477 Security Engineering
3 credits
- Prerequisite(s): CSCI-C 310 or CSCI-C 343 or CSCI 36200
- Delivery: On-Campus
- Semesters offered: Fall (Check the schedule to confirm.)
- Equivalent(s): CSCI 49000 Computer Systems Security
Description
This course covers a broad range of topics in system security engineering, including authentication and authorization, cryptography, architectures, detection systems, quantum computing security, risk assessment, social engineering, strategic policy, and trustworthy hardware. Students conduct research activities, such as selecting research topics, writing papers, and presenting their results.
Topics
Goals of system security
Social engineering
- Techniques
- Countermeasures
Research activities
- Topic selection
- Paper writing
- Result presentation
Trustworthy hardware
- Hardware-based security features
- Supply chain risks
Cryptography
- Algorithms
- Protocols
Authentication
- Mechanisms
- Multi-factor authentication
Authorization
- Role-based access control
- Integration with existing systems
Detection systems
- Intrusion detection
- Incident response
Cybersecurity risk assessment and mitigation
- Vulnerabilities
- Threats
- Mitigation strategies
Architecting cybersecurity
- Defense-in-depth principles
- Network segmentation
Cyber situation understanding
Strategic policy and investment
- Security policies
- Guidelines
Quantum computing security
- Impact on cryptography
- Post-quantum approaches
Learning Outcomes
- Analyze social engineering techniques and design countermeasures to minimize the impact of social engineering attacks on organizational security. CS 5
- Assess trustworthy hardware components, considering hardware-based security features, supply chain risks, and their potential impact on system integrity. CS 3
- Compare cryptographic algorithms and protocols for securing data transmission, storage, and authentication, including their strengths, weaknesses, and real-world implementations. CS 1
- Design and implement authentication and authorization mechanisms, considering multi-factor authentication, role-based access control, and integration with existing systems. CS 5
- Design and implement effective intrusion detection and incident response strategies, using anomaly detection, behavior analysis, and threat intelligence integration techniques. CS 5
- Perform comprehensive risk assessments, identifying potential vulnerabilities, threats, and their impact on organizational assets, and propose mitigation strategies. CS 5
- Design and evaluate secure system architectures by incorporating defense-in-depth principles, network segmentation, secure protocols, and risk-based design choices. CS 5
- Develop security policies and guidelines aligned with organizational objectives, industry standards, and regulatory compliance. CS 6
- Assess quantum computing’s impact on current cryptographic systems and explore post-quantum cryptographic approaches. CS 5
- Select a research topic on security engineering, conduct in-depth research, produce a well-structured research paper, and effectively communicate the findings through a presentation and discussion. CS 7
Policies and Procedures
Please be aware of the following linked policies and procedures. Note that in individual courses instructors will have stipulations specific to their course.