Security Engineering - Interactive curriculae of TU Ilmenau

The interactive curriculae provide information on the degree programmes offered by the TU Ilmenau.

Please refer to the respective study and examination rules and regulations for the legally binding curricula (Annex Curriculum).

You can find all details on planned lectures and classes in the course catalogue.

Please note that this page is no longer updated. All modules and study plans from PO version 2021 onwards (Bachelor and Master study programs) are now available on the Campus Portal.

module properties Security Engineering in degree program Master Informatik 2021
module number	200035
examination number	2200678
department	Department of Computer Science and Automation
ID of group	2255 (Distributed Systems and Operating Systems)
module leader	Prof. Dr. Boris Koldehofe
term	summer term only
language	Englisch
credit points	5
on-campus program (h)	45
self-study (h)	105
obligation	elective module
exam	alternative examination performance
details of the certificate	The module is completed with an alternative exam, performed in several parts over the course of the semester. After the end of the lecture period, no further examination is required. The final grade is determined by completing - home assignments and classroom assignments (25%) - three specialized workshops with creative, hands-on tasks (50%) - one final project workshop (25%).
link to Moodle course	https://moodle.tu-ilmenau.de/course/view.php?id=2926
teacher	Dr. Peter Amthor
signup details for alternative examinations
maximum number of participants
previous knowledge and experience	Betriebssysteme aus dem SG Bachelor Informatik, WP-Modul "Systemsicherheit" aus dem SG Bachelor Informatik
learning outcome	Students are able to understand and discuss the methodical steps of model-based security engineering. They can describe well-known, fundamental formal models as well as revise and refine them for a selected application scenario. They can apply analysis paradigms to design and implement algorithms for validating scenario-specific security properties. They can describe the purpose of security model specification languages, compare different languages for specific application scenarios and apply them to a given model. They can discuss security requirements for a complex scenario, derive a formal security model from them, and implement this model in a security architecture during the final workshop. Students can discuss open questions and argue for different solution approaches. They can give constructive criticism while preparing workshop assignment. They can cooperatively develop ideas and manage tasks and responsibilities during a complex final workshop. They can present and defend their results.
content	This module is an advanced class on systems security. It focuses on methodological engineering of security properties of IT systems based on formal security models. In an early stage of the engineering process formal security models are used for the precise and unambiguous representation of security policies which then are analyzed by static model checking and simulative model execution. Successful models afterwards are transformed via specification languages into executable code which finally is integrated into a system's TCB. The class is organized in lectures and workshops; while theoretical knowledge is imparted in traditional lectures and exercises, practical skills are trained in a total of five workshops. Course topics are: Requirements Engineering Model Engineering advanced security models (take-grant model, schematic protection model, typed-access-matrix model, role-based access control (RBAC), attribute-based access control (ABAC) model composition model analysis Specification Engineering specification languages workshop on language design workshop on language implementation and compiler TCB Engineering TCBs security architectures Security Engineering workshop: a complete security engineering project
media of instruction and technical requirements for education and examination in case of online participation	Lecture and discussions using beamer and whiteboard, home assignments, workshops, books and articles
literature / references	TAM Model: R. Sandhu: The Typed Access Matrix Model Proceedings of the 1992 IEEE Symposium on Security and Privacy (S&P '92), 1992, 122-136. IEEE Computer Society. ISBN 0-8186-2825-1. ACM Digital Library Role Mining: H. Lu, J. Vaidya, V. Atluri: An optimization framework for role mining Journal of Computer Security (JCS), 2014, 22, 1-31. IOS Press 2014. H. Lu, Y. Hong, Y. Yang, L. Duan, N. Badar: Towards user-oriented RBAC model Journal of Computer Security (JCS), 2015, 23, 107-129. IOS Press 2015. B. Mitra, S. Sural, V. Atluri, J. Vaidya: The generalized temporal role mining problem Journal of Computer Security (JCS), 2015, 23, 31-58. IOS Press 2015. Model Analysis: Jaeger, T. & Tidswell, J. E.: Practical Safety in Flexible Access Control Models ACM Transactions on Information Systems Security (TISSEC), 2001, 4, 158-190 SELinux: Frank Mayer, Karl Macmillan, David Caplan: SELinux by Example. Prentice Hall 2007, 425 Seiten.
evaluation of teaching