| INFB Introduction to Security | Course | INF | |
|---|---|---|---|
| Lecturers : |
Prof. Dr. Claus Vielhauer
eMail
|
Term | 3 |
| Course Classification : | Bachelor Informatik | CH | 4 |
| Language : | Deutsch | Type | VÜ |
| Type of examination : | PL | Credits | 5 |
| Method of evaluation : | written examination 120 min | ||
| Requirements : | |||
| Cross References : | |||
| Previous knowledges : | |||
| Aids and special features : | |||
| Teaching aims : | After successfully completion of the module, students will be able to: * Describe the key objectives and terminology from IT security (e.g. security aspects, concept of risk, attacker scenarios). * Identify, differentiate and evaluate technical protection goals and methods and relate them to security aspects. * They will be able to name key legal frameworks relevant to IT security and describe how they work. * Students are able to analyze vulnerabilities in IT systems, but also in IT-related operational processes, and to plan basic protection concepts based on the protection methods covered. * They will also be enabled to recognize current and future areas of conflict between social and technical aspects of IT security, e.g. privacy protection on the Internet. | ||
| Contents : | 1. Introduction and organizational security 1.1. Security versus safety 1.2. Basic data security aspects and security requirements 1.3. Security risks, vulnerabilities and known attacks 1.4. Security policies and models 1.5. Security standards 1.6. Social engineering 2. Data protection and non-technical data security 2.1. EU Data Protection Regulation, federal and state data protection laws 2.2. Telemedia Act (TMG), Telecommunications Act (TKG) and Interstate Treaty on Broadcasting and Telemedia (RStV) 2.3. Copyright law, Criminal Code 2.4. IT Security Act 3. Identity Management 3.1. Basics of user authentication 3.2. Knowledge-based authentication: passwords, one-time tokens, etc. 3.3. Possession-based authentication: smartcards & RFID 3.4. Introduction and organizational security 3.5. Multifactor authentication 3.6. Single sign-on systems 3.7. Position-based authentication 4. Applied IT Security 4.1. Introduction to IT forensics 4.2. Introduction to media security 5. Practical IT security 5.1. Procedure for security concepts: BSI IT-Grundschutz Methodology "Basic Protection” 5.2. Overview of cryptographic protection 5.3. Overview of network security | ||
| Literature : | * Bishop M.: Computer Security, 2nd Edition, Addison-Wesley Professional, Boston, U.S.A, ISBN: 9780134097145, 2018 * Bishop M.: Introduction to Computer Security, Addison-Wesley Professional, ISBN: 0321247442, 2004 * Pfleger C.P.,et al.: Security in Computing, Pearson, 6th edition, 978-0-13-789121-4, 2023 * Eckert C.: IT-Sicherheit. Konzepte - Verfahren - Protokolle, 10. Auflage, De Gruyter Oldenbourg, ISBN: 9783110563900 2018 * Tanenbaum A. S.: Computernetzwerke, Pearson Studium, 5. Auflage, ISBN: 978-3-86326-536-6, 2019 * Vielhauer C.: Biometric User Authentication for IT Security: From Fundamentals to Handwriting, Springer, New York, U.S.A., 978-0-387-26194-2, 2006 * Schmeh, K.: Kryptografie: Verfahren, Protokolle, Infrastrukturen (iX-Edition), 6. Auflage, dpunkt.verlag GmbH, 3864903564, 2016 * Bundesamt für Sicherheit in der Informationstechnik: IT-Grundschutz-Kompendium – Werkzeug für Informationssicherheit, Edition 2023, https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/IT-Grundschutz/IT-Grundschutz-Kompendium/it-grundschutz-kompendium_node.html | ||