Introduction
Risk Scenarios
Security Goals
Security Engineering
Lecture Roadmap
Security Requirements
Vulnerabilities
Human
Organizational
Technical
Summary
Threats
Attackers
Attack Methods
Damage Potential
Summary
Risk Analysis
Summary
Security Policies and Models
Security Policies
Security Models
Access Control Models
IBAC
RBAC
ABAC
Summary
Information Flow Models
Denning
MLS
BLP
Biba
Summary
Non-interference Models
Hybrid Models
Brewer-Nash
LR-CW
MLS-CW
Practical Security Engineering
Model Engineering
Model Specification
CorPS
SELinux Policy Language
Summary
Security Mechanisms
Authorization
Access Control Lists
Capability Lists
Interceptors
Summary
Cryptographic Mechanisms
Encryption
Symmetric
Asymmetric
Cryptographic Hashing
Digital Signatures
Cryptographic Attacks
Identification and Authentication
Passwords
Biometrics
Cryptographic Protocols
SmartCards
Authentication Protocols
Summary
Security Architectures
Design Principles
Operating Systems Architectures
Nizza
SELinux
Distributed Systems Architectures
CORBA
Web Services
Kerberos
Summary