582704 Mobile System Security
Principal theme | Prerequisite knowledge | Approaches the learning objectives | Reaches the learning objectives | Deepens the learning objectives |
---|---|---|---|---|
Mobile platform security | Knowledge of basic concepts in security (e.g. Introduction to Security); Knowledge of essential OS principles (e.g. Operating Systems, Distributed Systems) |
Can explain how platform security works on a general level. Can explain basic concepts of access control (ACLs, capabilities). Can explain the difference between DAC and MAC. Can explain basic concepts in trusted computing (secure/authenticated boot, secure storage, trusted execution environment). |
Can explain details of the design and implementation of platform security architectures in one or more mobile platforms: permission requests and assignment, the role of a reference monitor, application isolation and controlled API access to system functionality. |
Understands the limitations of today’s platform security mechanisms, and the interplay of security and other values such as flexibility for developers or usability. |
Usability of security | None |
Can name and describe some challenges in achieving usable mobile security. |
Can identify potential usability/security tradeoffs in a given system. |
Is able to suggest improvements to a given system and argue their usability/security benefits. |
Research topics in mobile security | Ability to read and write text in scientific style (e.g. the courses in scientific writing for BSc or MSc level) |
Can describe some of the active research topics in the area, such as information flow protection and usability of permissions assignment. |
Can summarize and discuss the state of the art in some of the research topics. |
Is able to critically evaluate research papers on mobile security; is able to identify open problems. |