Technische Universität Ilmenau

System Security - Interaktive Studienpläne der TU Ilmenau

Die Interaktiven Studienpläne sind ein Informationsangebot zu den Studiengängen der TU Ilmenau.

Die rechtsverbindlichen Studienpläne entnehmen Sie bitte den jeweiligen Studien- und Prüfungsordnungen (Anlage Studienplan).

Alle Angaben zu geplanten Lehrveranstaltungen finden Sie im elektronischen Vorlesungsverzeichnis.

Bitte beachten Sie, dass auf dieser Seite keine Aktualisierungen mehr vorgenommen werden. Alle Module und Studienpläne ab der PO-Version 2021 (Bachelor- und Master-Studiengänge) sind ab sofort im Campus-Portal erreichbar.

Modulinformationen zu System Security im Studiengang Master Data Science 2026
Modulnummer200033
Prüfungsnummer2200675
FakultätFakultät für Informatik und Automatisierung
Fachgebietsnummer 2255 (Verteilte Systeme und Betriebssysteme)
Modulverantwortliche(r)Prof. Dr. Boris Koldehofe
TurnusSommersemester
SpracheEnglisch
Leistungspunkte5
Präsenzstudium (h)45
Selbststudium (h)105
VerpflichtungWahlmodul
Abschlussschriftliche Prüfungsleistung, 90 Minuten
Details zum Abschluss
Link zum Moodle-Kurs https://moodle.tu-ilmenau.de/course/view.php?id=2781
Lehrende

Dr. Peter Amthor

Anmeldemodalitäten für alternative PL oder SL
max. Teilnehmerzahl
Vorkenntnisse

Mandatory: Basic knowledge of Ÿ operating systems, software engineering and formal automata and computability.

Crucial prerequisites will be briefly revisited when necessary.

Recommended: Basic knowledge of  computer networks, discrete mathematics, predicate logic and algorithms and complexity.

Lernergebnisse und erworbene Kompetenzen 

Students are able to define and
derive security requirements from application scenarios (lecture). They can
define and use the term "security policy" (lecture). Students are able to apply
formal security models to represent a security policy (lecture and exercises).
For this, they can define, classify and compare fundamental security models
(lecture and exercises). Based on this, students can evaluate such models
against security properties (lecture and exercises) and construct new,
application-specific models (exercises). They can name essential languages and
mechanisms for implementing such models (lecture) and apply them to case
studies (exercises). Security architectures used for integrating secuity
mechanisms can be described and classified by the students (lecture). They can
also assess their suitability for specific use cases (exercises).

 

Students can discuss
open questions and argue for different solution approaches. They can prepare
theoretical and practical assignments for the exercises and present their
results. They can coordinate cooperative work on complex home assignments.

Inhalt 

This module focuses on the basic paradigms, methods and concepts in the field of model-based security engineering - the methodical process of engineering a computer system's security properties based on formal security models. In an early stage of the engineering process formal security models are used for the precise and unambiguous representation of security policies which then are analyzed by static model checking and simulative model execution. Successful models afterwards are transformed via specification languages into executable code which finally is integrated into a system's trusted computing base.

Topics are

  • Requirements analysis
  • Security policies and formal security models
  • Model engineering and analysis
  • Domain-specific model specification languages
  • Security mechanisms
  • Security architectures

Medienformen und technische Anforderungen bei Lehr- und Abschlussleistungen in elektronischer Form

Presentations with projector and whiteboard, books, papers, assignments, discussions

Literatur

William Stallings, Lawrie Brown: Computer Security. Pearson, 2nd Edition, 2012, 810 pages.

Matthew Bishop: Computer Security: Art and Science. Addison-Wesley Educational Publishers Inc, 2012 (2. Edition), 1168 pages.

Trent Jaeger: Operating System Security. Synthesis Lectures on Information Security, Privacy and Trust #1, Morgan & Claypool Publishers, 2008.

N. Akosan et. al.: Mobile Platform Security. Synthesis Lectures on Information Security, Privacy and Trust #9, Morgan & Claypool Publishers, 2014.

Anupam Datta et. al.: Analysis Techniques for Information Security. Synthesis Lectures on Information Security, Privacy and Trust #2, Morgan & Claypool Publishers, 2010.

Ross Anderson: Security Engineering. John Wiley & Sons, 2nd Edidtion, 2008, 1040 pages. Also available online.

Frank Mayer, Karl Macmillan, David Caplan: SELinux by Example. Prentice Hall 2007, 425 pages.

Bruce Schneier: Secrets and Lies - Digital Security in a Networked World. John Wiley & Sons 2000, 408 pages.

Lehrevaluation