11
CompSci 702 Security for Smart Devices http://www.cs.auckland.ac.nz/courses/comp sci702s1c /

CompSci 702 Security for Smart Devices

  • Upload
    roy

  • View
    80

  • Download
    0

Embed Size (px)

DESCRIPTION

CompSci 702 Security for Smart Devices. http://www.cs.auckland.ac.nz/courses/compsci702s1c /. Applied Smart-Device Security. Considerations Is it secure? How do you know? What are the dangers of using this smart-device? - PowerPoint PPT Presentation

Citation preview

CompSci 702 Security for Smart Devices

CompSci 702 Security for Smart Devices http://www.cs.auckland.ac.nz/courses/compsci702s1c/ Applied Smart-Device Security

ConsiderationsIs it secure?How do you know?What are the dangers of using this smart-device?Imagine some scenarios and apply sound security technology principlesMy goal here is to promote security fundamentals, not firearms.Welcome!From the 702 TeamAndrew [email protected]

Robert [email protected]

Course StructureSecurity by Design (AC: 1 Week)Overview of access control models (AC: 1 week) DAC, MAC, RBAC, UCON Policy-based Android (AC: 5 weeks) Overview Android security model and pitfalls Android malware characterisation and study of most common samples A concrete approach to fight malware iOS overview and its security model (RS: 2 weeks) Seminars (YOU: 3 weeks)Team ProjectGoalsResearch mobile technologiesDesign a simple everyday processApply security concepts into the designBuild a proof of concept / artefact for considerationPerform an analysis of what was built, what could have been built, and is missing to secure the processCompleted in phases throughout the semesterEach phase builds on the previousResearch ReportYou select one or more papers to read from a provided listMore details on how laterEach of you will prepare a research report of 4 pages on the paperBe sure to identify what is most critical Dont just re-iterate the paper but provide depth of understanding on what it is communicatingThe content of the report must be YOURSNo copy-and-past from the main articleUse your own words to describe the articleTake a look at its references for additional understanding and content50/50 approach2 pages for description2 pages for analysis/criticismNeeds a proper cover pageResearch Report ContinuedHow to Analyse/CriticiseDoes the paper live up to your expectations?Think about what you were expecting from this paper by reading the Abstract/Title/IntroDoes this article help you with your security requirements?If you were the user of this system, would it work for you? Why? Why not?What could the authors have done differently?What is the real value of this article?SeminarYou select one or more papers to read from a provided listMore details on how laterEach of you will give a 15 minute presentation on itBe sure to identify what is most critical Dont just re-iterate the paper but provide depth of understanding on what it is communicating

Course BooksAccess control chapter in any security booksMark Stamp, Information Security: Principles and Practice, Wiley 2011Matt Bishop, Computer Security: Art and Science, Addison-Wesley 2003The library is your friendThe rest of the course will be based on research papers and information available from the library and the InternetGrades15% Seminar15% Research Report20% Team Project5% Phase 15% Phase 210% Phase 350% Final ExamLecturesReadingsSeminarsTeam Project ConceptsQuestions?