Basics - Security Engineering Concepts

In course

Description

This lecture covers security mechanisms, the importance of security engineering, defense in depth, the role of humans in system security, methods to show systems are secure, and the process of security engineering from high-level specification to secure implementation.

Instructors (2)

Official source

https://mediaspace.epfl.ch/media/0_rfexyw2o

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Related lectures (32)

Related concepts (20)

Security engineering

Security engineering is the process of incorporating security controls into an information system so that the controls become an integral part of the system’s operational capabilities. It is similar to other systems engineering activities in that its primary motivation is to support the delivery of engineering solutions that satisfy pre-defined functional and user requirements, but it has the added dimension of preventing misuse and malicious behavior. Those constraints and restrictions are often asserted as a security policy.

Social engineering (security)

In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. It has also been defined as "any act that influences a person to take an action that may or may not be in their best interests.

Internet security

Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.

Information security

Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorized or inappropriate access to data or the unlawful use, disclosure, disruption, deletion, corruption, modification, inspection, recording, or devaluation of information. It also involves actions intended to reduce the adverse impacts of such incidents.

Human security

Human security is a paradigm for understanding global vulnerabilities whose proponents challenges the traditional notion of national security through military security by arguing that the proper referent for security should be at the human rather than national level. Human security reveals a people-centred and multi-disciplinary understanding of security which involves a number of research fields, including development studies, international relations, strategic studies, and human rights.