 |
|
||||||||||
Security Engineering
Master in Information Security
For more information about the Information Security Master Track visit: http://www.infsecmaster.ethz.ch
251-0463-00 (2V2U)
Fall Semester 2008
D. Basin, C. Cremers
Course Description
Subject of the class are engineering techniques for developing secure
systems. We examine concepts, methods and tools, applied within the
different activities of the SW development process to improve security
of the system. Topics: security requirements&risk analysis, system
modeling&model-based development methods, implementation-level
security, and evaluation criteria for secure systems
Prerequisites
Information Security (Wolf / Cremers)
Objectives
Security engineering is an evolving discipline that unifies two
important areas: software engineering and security. Software
Engineering addresses the development and application of methods for
systematically developing, operating, and maintaining, complex,
high-quality software.
Security, on the other hand, is concerned
with assuring and verifying properties of a system that relate to
confidentiality, integrity, and availability of data.
The goal
of this class is to survey engineering techniques for developing secure
systems. We will examine concepts, methods, and tools that can be
applied within the different activities of the software development
process, in order to improve the security of the resulting systems.
Content
Security engineering is an evolving discipline that unifies two
important areas: software engineering and security. Software
Engineering addresses the development and application of methods for
systematically developing, operating, and maintaining, complex,
high-quality software.
Security, on the other hand, is concerned
with assuring and verifying properties of a system that relate to
confidentiality, integrity, and availability of data.
The goal
of this class is to survey engineering techniques for developing secure
systems. We will examine concepts, methods, and tools that can be
applied within the different activities of the software development
process, in order to improve the security of the resulting systems.
Topics covered include
Security requirements & risk analysis,
- System modeling and model-based development methods,
- Implementation-level security, and
- Evaluation criteria for the development of secure systems
Modules taught:
1. Introduction
- Security meets SW engineering: an introduction
- The activities of SW engineering, and where security fits in
- Overview of this class
2. Requirements Engineering: Security Requirements and some Analysis
- Overview: functional and non-functional requirements
- Use cases, misuse cases, sequence diagrams
- Safety and security
- FMEA, FTA, attack trees
3. Modeling in the design activities
- Structure, behavior, and data flow
- Class diagrams, statecharts
4. Model-driven security for access control (design)
- SecureUML as a language for access control
- Combining Design Modeling Languages with SecureUML
- Semantics, i.e., what does it all mean,
- Generation
- Examples and experience
5. Model-driven security (Part II)
- Continuation of above topics
6. Security patterns (design and implementation)
7. Implementation-level security
- Buffer overflows
- Input checking
- Injection attacks
8. Testing
- Overview
- Model-based testing
- Testing security properties
9. Risk analysis and management 1 (project management)
- "Risk": assets, threats, vulnerabilities, risk
- Risk assessment: quantitative and qualitative
- Safeguards
- Generic risk analysis procedure
- The OCTAVE approach
10. Risk analysis: IT baseline protection
- Overview
- Example
11. Evaluation criteria
- CMMI
- Systems security engineering CMM
- Common criteria
12. Guest lecture
- TBA
Literature
- Ross Anderson: Security Engineering, Wiley, 2001.
- Matt Bishop: Computer Security, Pearson Education, 2003.
- Ian Sommerville: Software Engineering, 6th ed., Addison-Wesley, 2001.
- John Viega, Gary McGraw: Building Secure Software, Addison-Wesley, 2002.
- Basin, Doser, Lodderstedt, "Model Driven Security: from UML Models to Access Control Infrastructures", ACM TOSEM 06. pdf
auxiliary readings:
- Basin, Clavel, Doser, Egea, "Automated analysis of security design models", To appear in Information and Software Technology. pdf
Grading
6 ECTS credits
Lectures
Time : Every Wed (starting 17.09.2008), 10h00 - 12h00
Place : IFW B42
Tutorials
Time: Every Fri (starting 26.09.2008), 10h00-12h00
Place: IFW A34
Course Material
Please login with your nethz-username and password here
Exam
The exams will take place on 17 and 18 Dec 08.
17-12-2008 afternoon: room D42
18-12-2008 morning: room C44
18-12-2008 afternoon: room D44
The exam will be closed book, oral, and 15 min/student.
Wichtiger Hinweis:
Diese Website wird in älteren Versionen von Netscape ohne
graphische Elemente dargestellt. Die Funktionalität der
Website ist aber trotzdem gewährleistet. Wenn Sie diese
Website regelmässig benutzen, empfehlen wir Ihnen, auf
Ihrem Computer einen aktuellen Browser zu installieren. Weitere
Informationen finden Sie auf
folgender
Seite.
Important Note:
The content in this site is accessible to any browser or
Internet device, however, some graphics will display correctly
only in the newer versions of Netscape. To get the most out of
our site we suggest you upgrade to a newer browser.
More
information
!!! Dieses Dokument stammt aus dem ETH Web-Archiv und wird nicht mehr gepflegt !!!
!!! This document is stored in the ETH Web archive and is no longer maintained !!!
!!! This document is stored in the ETH Web archive and is no longer maintained !!!
