This course will introduce many fundamental cybersecurity concepts. The course will teach students to think about information systems using an adversarial mindset, evaluate risk to information systems, and introduce controls that can be implemented to reduce risk. Topics will include authentication systems, data security and encryption, risk management and security regulatory frameworks, networking and system security, application security, organizational and human security considerations, and societal implications of cybersecurity issues. These topics will be discussed at an introductory level with a focus on applied learning through hands-on virtual lab exercises.

This is a capstone course for students in the cybersecurity program. Students will review a series of short modules on topics such as teamwork, project management, report writing, and presentations, and will work in teams to apply their knowledge and skills to real-world projects in various areas of cybersecurity. Projects may require performing security analysis of systems, networks, software, policies, etc., devising and implementing security solutions in real-world applications. (4th-year status and departmental approval)

Students will gain experience and a better understanding of the application of technologies discussed in classes by working in the field of computing security. Students will be evaluated by their employer. If a transfer student, they must have completed one term in residence at RIT and be carrying a full academic load.

This course introduces methods and technologies for establishing trust in modern computing systems, including classic approaches (e.g., boot chain-of-trust, secure boot, exception/privilege levels, and Trusted Platform Modules - TPMs) and more recent trusted execution architectures that enable the creation of hardware-isolated secure sub-domains (e.g., ARM TrustZone) and enclaved sub-process execution (e.g., Intel Secure Guard eXtensions - SGX). The course also includes a list of special topics within trusted computing discussing new developments in the field.

This course covers some of the foundational technologies for establishing trust in modern computing systems, including classic methods (e.g., boot chain-of-trust, secure boot, exception/privilege levels, and Trusted Platform Modules - TPMs) and more recent trusted computing architectures such as ARM TrustZone and Intel Secure Guard eXtensions (SGX), which are increasingly popular and widely adopted in both academic research and industry. The latter part of the course will touch upon more advanced and research-oriented aspects in the intersection of trusted computing and various realms of Computing Security & Privacy. A key component of the course will be an exploratory research project aiming to use trusted computing technologies to address a security/privacy problem. To be successful in this course students should be knowledgeable in applied cryptography and basic security technologies.