Jedes Modul umfasst 3 ECTS. Sie wählen insgesamt 10 Module/30 ECTS in den folgenden Modulkategorien:
- 12-15 ECTS in Technisch-wissenschaftlichen Modulen (TSM)
TSM-Module vermitteln Ihnen profilspezifische Fachkompetenz und ergänzen die dezentralen Vertiefungsmodule. - 9-12 ECTS in Erweiterten theoretischen Grundlagen (FTP)
FTP-Module behandeln theoretische Grundlagen wie die höhere Mathematik, Physik, Informationstheorie, Chemie usw. Sie erweitern Ihre abstrakte, wissenschaftliche Tiefe und tragen dazu bei, den für die Innovation wichtigen Bogen zwischen Abstraktion und Anwendung spannen zu können. - 6-9 ECTS in Kontextmodulen (CM)
CM-Module vermitteln Ihnen Zusatzkompetenzen aus Bereichen wie Technologiemanagement, Betriebswirtschaft, Kommunikation, Projektmanagement, Patentrecht, Vertragsrecht usw.
In der Modulbeschreibung (siehe: Herunterladen der vollständigen Modulbeschreibung) finden Sie die kompletten Sprachangaben je Modul, unterteilt in die folgenden Kategorien:
- Unterricht
- Dokumentation
- Prüfung
This module teaches two aspects of IT security. The first part deals with secure software, focusing on developing secure software and exploiting defects in software. The second part deals with several advanced security technologies, which includes authentication, access control, network security devices, and operating system security.
Eintrittskompetenzen
This module assumes that students have a working knowledge of basic security technologies such as cryptology, secure communication protocols, and access control mechanisms (which amounts to approx. a 4 ECTS bachelor module). See e.g.: William Stallings, Network Security Essentials: Applications and Standards. We also assume that students have a working knowledge in a general purpose programming language such as Java, C, or similar and are familiar with modern software development processes.
Lernziele
- The students know and understand the secure development lifecycle and are capable of developing secure software.
- The students can analyze software with respect to security and can exploit vulnerabilities.
- The students can employ threat modeling to identify threats and use this to define security requirements.
- The students know and understand advanced authentication and access control methods including identity federations.
- The students understand the underlying principles of application layer firewalls and intrusion detection/prevention systems.
- The students are able to apply the current network access control standards to establish trust in client platforms.
Modulkategorie
The module consists of 2 main topics, Software Security and Security Technologies. Each covers 6-8 weeks.
- Main topic 1: Software Security. The skills taught here are applicable to any software project and therefore include web applications, web services, and mobile applications.
- Introduction to software security (motivation, secure development lifecycle)
- Finding and exploiting vulnerabilities in software (e.g. web applications) by combining manual methods and tools
- Developing secure software (e.g. web applications and web services)
- Security requirements engineering and threat modeling
- Main topic 2: Security Technologies. The skills taught here are applicable to a wide range of scenarios, and include Internet and operating system security.
- Advanced access control and authentication methods and federated identities
- Application level firewalls and intrusion detection/prevention systems
- Internet security, e.g., network access control
- Operating system security and trusted platforms
Lehr- und Lernmethoden
- Lecture: Ex cathedra teaching
- Exercises/self-study: reading texts about security topics, some self-study, mainly about web application development frameworks; practical exercises (computer-based); theoretical exercises
Bibliografie
Lecture slides, references to Internet sources and textbooks
Vollständige Modulbeschreibung herunterladen
Zurück