SE 525 Software Security Architecture
Summary
Students in this course will learn architectural patterns for integrating security into software.
Topics include:
- an overview of software security;
- integration of authentication, access control, and auditing into software;
- programming with symmetric-key and asymmetric-key cryptography, including key distribution and key management, use of
certificates, and SSL/TLS;
- security mechanisms in modern runtime environments, e.g., code signing, code verification, access control, and security
policies.
Students will get hands-on experience designing and implementing secure software.
The investigation will be carried out in the context of the Android platform http://www.android.com.
Further information for Winter 2013 is available at the course homepage http://fpl.cs.depaul.edu/cpitcher/courses/se525/ (available to all DePaul students).
Texts
- http://www.manning.com/collins/ Android in Practice, by Charlie Collins, Michael Galpin, Matthias Kaeppler. Publisher: Manning
Publications; 1 edition (October 7, 2011). ISBN-10: 1935182927. ISBN-13: 978-1935182924.
- http://shop.oreilly.com/product/0636920022596.do Application Security for the Android Platform: Processes, Permissions, and
Other Safeguards, by Jeff Six. Publisher: O'Reilly Media (December 10, 2011). ISBN-10: 1449315070. ISBN-13: 978-1449315078.
Grading
Assessment will be based on:
- Homework assignments (3), 45%
- Team research project, 55%
Prerequisites
- CSC 435 Distributed Systems I
- CSC447 Concepts of Programming Languages OR SE 450 Object-Oriented Software Development
- NOTE: It is NOT necessary to have an Android device for this class. The Android emulator can be used instead.
- A reasonably modern computer that can run Java 6 or Java 7, the Eclipse IDE, and the Android development tools (see the
supported platforms at http://developer.android.com/sdk/index.html ). Windows, OS X, and Linux are all supported. 2GB or more
of RAM is recommended for reasonable Eclipse performance.
- Online Learning students will be required to participate (infrequently, not regularly) in classes for presentations and team
project meetings using Wimba, so will need an appropriate audio setup, e.g., microphone, headphones, and a quiet area to work
during class time.
Policies
- IMPORTANT: All students (including OL students) must be available to present their work on 2013-03-21. OL students may present
their work remotely (and will need a microphone and webcam) on that date. OL students that are unavailable on that date must
contact the instructor during the first week of class.
- Students are required to attend lectures or watch them online within 48 hours of posting (generally posted the day after the
class).
- Students are required to subscribe to and read the class mailing list.
- Students must keep backup copies of all submitted work.
- Students must test submitted assignments to verify that they are properly submitted.
- Late submissions will not be accepted without a serious documented excuse.
- Late submissions without a serious documented excuse will only be accepted if a request is made at least 24 hours prior to the
exam and prior permission is given by the instructor. Note that the most likely response will be to submit what you have on
time instead of a late submission.
- Homework deadline extensions will not be given for enrolling in the class after the quarter has begun or for being out of the
country at the beginning of class.
- In-class and OL students will need to keep in contact with one another outside class using technology to be mutually agreed
upon.
This syllabus is subject to change as necessary during the quarter. If a change occurs, it will be thoroughly addressed during class, posted under Announcements in D2L and sent via email.
Evaluations are a way for students to provide valuable feedback regarding their instructor and the course. Detailed feedback will enable the instructor to continuously tailor teaching methods and course
content to meet the learning goals of the course and the academic needs of the students. They are a requirement of the course and are key to continue to provide you with the highest quality of teaching. The
evaluations are anonymous; the instructor and administration do not track who entered what responses. A program is used to check if the student completed the evaluations, but the evaluation is completely
separate from the student’s identity. Since 100% participation is our goal, students are sent periodic reminders over three weeks. Students do not receive reminders once they complete the evaluation.
Students complete the evaluation online in CampusConnect.
This course will be subject to the university's academic integrity policy. More information can be found at http://academicintegrity.depaul.edu/ If you
have any questions be sure to consult with your professor.
All students are expected to abide by the University's Academic Integrity Policy which prohibits cheating and other misconduct in student coursework. Publicly sharing or posting online any prior or current materials from this course (including exam questions or answers), is considered to be providing unauthorized assistance prohibited by the policy. Both students who share/post and students who access or use such materials are considered to be cheating under the Policy and will be subject to sanctions for violations of Academic Integrity.
All students are required to manage their class schedules each term in accordance with the deadlines for enrolling and withdrawing as indicated in the University Academic Calendar. Information on enrollment, withdrawal, grading and incompletes can be found at http://www.cdm.depaul.edu/Current%20Students/Pages/PoliciesandProcedures.aspx.
Students who feel they may need an accommodation based on the impact of a disability should contact the instructor privately to discuss their specific needs. All discussions will remain confidential.
To ensure that you receive the most appropriate accommodation based on your needs, contact the instructor as early as possible in the quarter (preferably within the first week of class), and make sure that
you have contacted the Center for Students with Disabilities (CSD) at:
Lewis Center 1420, 25 East Jackson Blvd.
Phone number: (312)362-8002
Fax: (312)362-6544
TTY: (773)325.7296