Content, progress and pedagogy of the
- To familiarise the student with the theoretical foundations of
security, in the form of (a selection of) models for security,
e.g., access control models, secure information flow, calculi of
- To enable a deeper understanding of the theoretical
(mathematical and computer science) foundations underlying
state-of-the-art security tools and techniques.
- To know and be able to explain key points of a selection of
access control models, e.g., Bell/LaPadula, Biba, Decentralised
Label Model, as well as for a selection of other models of
security, e.g., secure information flow or approaches based on
calculi of computation.
- To know and be able to explain key theoretical results
concerning the models, e.g., undecidability results.
- To be able to use one or more of the studied theories/models to
perform security analyses and evaluations of a small system.
- To be able to use the studied theories/models to formally prove
security properties of (a model of a) system.
- To be able to understand a formal reasoning and argument for
security, e.g., for compliance with high-assurance
- To be able to identify and research both classical and novel
theories and models for security.
- To be able to use a model of security to model security
relevant aspects of a system and identify and formally prove
relevant security properties of the system (through the
Type of instruction
Types of instruction are listed at the start of §17; Structure
and contents of the programme.
|Name of exam||Models of Security|
|Type of exam||Written or oral exam|
|Assessment||7-point grading scale|
|Type of grading||Internal examination|
|Criteria of assessment||The criteria of assessment are stated in the Examination Policies and Procedures|