Technische Universität Ilmenau

Systems Security - Modultafeln of TU Ilmenau

The Modultafeln have a pure informational character. The legally binding information can be found in the corresponding Studienplan and Modulhandbuch, which are served on the pages of the course offers. Please also pay attention to this legal advice (german only). Information on place and time of the actual lectures is served in the Vorlesungsverzeichnis.

subject properties Systems Security in major Master Research in Computer & Systems Engineering 2012
subject number100963
examination number2200414
departmentDepartment of Computer Science and Automation
ID of group 2255 (Group for Distributed Systems and Operating Systems)
subject leaderProf. Dr. Winfried Kühnhauser
term Sommersemester
languageEnglisch
credit points5
on-campus program (h)45
self-study (h)105
Obligationobligatory
examoral examination performance, 20 minutes
details of the certificate

direct grade

maximum number of participants
previous knowledge and experience

BSc Computer Science, especially algorithms and complexity, automata and formal languages, operating systems, networks, discrete structures

learning outcome

This course focuses on the basic paradigms, methods and concepts in the field of model-based security engineering - the methodical process of engineering a computer system's security properties based on formal security models. In an early stage of the engineering process formal security models are used for the precise and unambiguous representation of security policies which then are analyzed by static model checking and simulative model execution. Successful models afterwards are transformed via specification languages into executable code which finally is integrated into a system’s trusted computing base.

Students acquire knowledge on methodological engineering of security properties based on security policies and their formal models. Successful students will be able to design, analyze and specify security policies and integrate them into the trusted computing base of IT systems.

content

Course topics are

  • Security Requirements analysis
  • Security policies and formal security models
  • Model engineering and analysis
  • Policy specification languages
  • Security mechanisms
  • Trusted computing bases, security architectures and reference monitors
media of instruction

Presentations with projector and whiteboard, books, papers, assignments, discussions

literature / references
  • William Stallings, Lawrie Brown: Computer Security. Pearson, 2nd Edition, 2012, 810 pages.

  •  Matthew Bishop: Computer Security: Art and Science. Addison-Wesley Educational Publishers Inc, 2012 (2. Edition), 1168 pages.

  •  Trent Jaeger: Operating System Security. Synthesis Lectures on Information Security, Privacy and Trust #1, Morgan & Claypool Publishers, 2008.

  •  N. Akosan et. al.: Mobile Platform Security. Synthesis Lectures on Information Security, Privacy and Trust #9, Morgan & Claypool Publishers, 2014.

  •  Anupam Datta et. al.: Analysis Techniques for Information Security. Synthesis Lectures on Information Security, Privacy and Trust #2, Morgan & Claypool Publishers, 2010.

  •  Ross Anderson: Security Engineering. John Wiley & Sons, 2nd Edidtion, 2008, 1040 pages. Also available online.

  •  Frank Mayer, Karl Macmillan, David Caplan: SELinux by Example. Prentice Hall 2007, 425 pages.

  •  Bruce Schneier: Secrets and Lies - Digital Security in a Networked World. John Wiley & Sons 2000, 408 pages.

evaluation of teaching

Pflichtevaluation:

SS 2017 (Fach)

Freiwillige Evaluation:

SS 2014 (Seminar)

SS 2016 (Seminar)

Hospitation: