CY 628 Components Integration Security

This course focuses on the development and use of software that reliably preserves the security properties of the information and systems it protects. The security of a system, and of the data it stores and manages, depends in large part on the security of its software. The security of software depends on how well the requirements match the needs that the software is to address, how well the software is designed, implemented, tested, deployed, and maintained. The documentation is critical for everyone to understand these considerations, and ethical considerations arise throughout the creation, deployment, use, and retirement of software. The course addresses these security issues. Topics include fundamental design principles including least privilege, open design, and abstraction, security requirements and their role in the design, implementation issues, static and dynamic testing, configuring and patching, and ethics, especially in development, testing, and vulnerability disclosure.

Credits

3

Outcomes

  1. This course will prepare students to:
  2. Understand component security in cloud- vulnerabilities of system components, component lifecycle, supply chain management security, and data storage.
  3. Apply secure component development - secure component design principles, security testing, and reverse engineering.
  4. Analyze component and data security to cloud services to customize to various environments.
  5. Analyze secure component development for multiple software applications.
  6. Evaluate component and data security in an array of cloud deployments.
  7. Create a software application using secure components in the cloud.