Foundations of Cyber Security
This is the essential prerequisite for all of the other courses in the program. Students will understand the fundamental science of cyber security and its application to the engineering of secure systems. Students will learn the Reference Monitor concept. The course will provide explanation of presence of witted adversary as the difference between security and other system properties, with subversion as adversary’s “tool of choice”. We will cover information as a protected asset. Students will understand security policy as the definition of “security” for a system, and we will review laws, regulations, standards, ethics, and other sources of security policies. The course will provide introduction to, and discussion of, the enforceability of, mandatory, discretionary, and role-based access-control policies. We will give definition and context to the terms threats, vulnerabilities, and risk. Students will undertake a survey of common, contemporary technical, administrative, and physical security controls. We will introduce basic concepts of cryptography, as well as basic concepts of network, operating system, and application security. Students will understand the need to build security into a system from the very beginning. We will examine the shortcomings of the common, contemporary cyber security model and “best practices”. The course will afford a survey of common attacks and mitigations. It will serve as introduction to assurance, forensics, and incident response.