CS4650 Fundamentals of Information Systems Security Engineering

This course presents the fundamental principles and processes of information systems security engineering (ISSE). The ISSE life cycle model consists of five stages: requirements definition, design, implementation, testing and deployment. The processes involved in these stages are explained in the context of a Defense-in-Depth protection strategy, with an emphasis on the role of security requirements engineering (SRE) in the construction of a secure system. This course covers the concepts and techniques needed to systematically elicit, derive and validate security requirements. It introduces how these techniques can be used in practice, and addresses the relationship between SRE and secure system design. Course work will be a combination of lectures, case studies and a team-based SRE project.



Lecture Hours


Lab Hours