Search

Blekinge Institute of Technology

Blekinge Institute of Technology, BTH, has a distinctive focus on the digitalisation of society and sustainability.<br> BTH’s task is to contribute to a more sustainable societal development through higher education, research and innovation. BTH conducts education and research in fields in which society has major needs.<br> Through international excellence, we contribute to digital and sustainable transformation. As an institute of technology, we have a responsibility and a unique opportunity to make our contribution to both regional and national competitiveness and to global sustainability.<br> External engagement with wider society and the private sector contribute to making us more attractive and ensuring that our education and research maintain high quality and relevance.<br>

4 RESULTS

Introduction to Security in the Software Development Lifecycle

The purpose of this course is to introduce security practices within the Software Development Lifecycle (SDLC) at the requirements, design, implementation, verification, and after release stages of software development. This course is the guide to the cybersecurity issues arising throughout the entire development process. We consider the development from the security perspective from the beginning stage until the final release and beyond. The course is adapted to give a solid introduction to non-security-experts mainly and addresses both how professionals (developers, managers, decision-makers) can utilize security to improve (software-based) products/services, and how they are affected by security issues and challenges. Whether you are a software developer in a bank or telecom company, or you are a product manager in a gaming company, this course will be relevant for you.

Operating System Security Hardening

The course covers different aspects of securing OS and system services to provide the safe environment for running cloud-based services. The following guidelines will be considered during the course as well as pracTical implementation of Windows and Linux platforms hardening using scripts (e.g. PowerShell and Ansible) to provide automation.

Secure Software Architecture

This course introduces the concept of secure architecture which implies mitigation of potential confidentiality, integrity, and availability (CIA triad) threats by incorporating security elements such as demilitarized zone (DMZ), Anti-DDoS, load balancing, logging-monitoring-alerting (LMA), and incident response domain as well as by using corresponding security practices at the design stage that include but not limited to analysis of attack surface, threat modeling (STRIDE), and risk assessment (CVSS and OWASP Risk Rating Methodology). The design of secure cloud-based architectures is the primary focus of the course in light of premise-to-cloud migration.

Security, Privacy and Compliance

There is an increasing concern from users regarding the use and leakage of their personal data. Moreover, compliance with privacy regulations is required by the government and privacy should be incorporated by design and by default when developing software-intensive products and services. Hence, privacy has become a top challenge in software development and good privacy measures can improve data security and promote quality.