Masterstudium Business Informatics - Fakultät für Informatik, TU Wien
Masterstudium Business Informatics - Fakultät für Informatik, TU Wien
Masterstudium Business Informatics - Fakultät für Informatik, TU Wien
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
• Presentation of scientic and professional challenges, solution approaches, and their<br />
evaluation<br />
Syllabus: Security policies; Cobit, ISO 2700x; CERT operations; physical security; risk<br />
management and analysis; cost and benet analysis; security models; system security;<br />
vulnerabilities; identication, authentication, authorization, auditing; memory corruption,<br />
buer Overows (stack, heap); return based programming; shellcode; Windows<br />
security; security principles (Windows 95 to Windows 7); secure development life cycle,<br />
security touchpoints; race conditions, TOC-TOE; computational complexity attacks; reverse<br />
engineering and prevention; malicious code analysis; code obfuscation<br />
Expected Prerequisites: Basic knowledge in the area of security<br />
WIN/RSI - Recht und Sicherheit<br />
Teaching and Learning Methods and Adequate Assessment of Performance: The module<br />
is organized along lectures, recording and podcasts of interesting talks (e.g., tech talks,<br />
CERIAS seminars), practical assignments by support of teaching assistants and an e-<br />
learning system, small projects, case studies.<br />
Courses of Module:<br />
3.0/2.0 VU Software Security<br />
3.0/2.0 VU Organizational Aspects of IT-Security<br />
SIT/SC3 - Secure Systems Engineering<br />
ECTS-Credits: 6.0<br />
Summary: IT security engineering has become a critical element of the overall performance<br />
of IT systems and IT projects. Enhancing eective functional engineering by<br />
thorough security models, processes, and techniques is a major design and architecture<br />
issue in several application elds. In the lectures of this module students will learn<br />
advanced aspects of how to engineer secure systems and how to maintain security standards<br />
in large and complex IT infrastructures. Topics of this module include advanced<br />
aspects of planning, designing and implementing security mechanisms (e.g., Public Key<br />
Infrastructures, web application security, ...), best practice examples of implementing<br />
security in large IT infrastructures, and security testing in IT systems (test process,<br />
penetration testing, ...). Students gain knowledge in IT security through fundamentals<br />
and theory of advanced security aspects. Mechanisms are applied in practical lab work.<br />
Furthermore, students are involved in security experiments, current research issues and<br />
security competitions. Experiments in attacking and defending systems will be a didactic<br />
method.<br />
Learning Outcomes:<br />
Knowledge:<br />
• Conducting requirement studies, situation analysis, and risk identication for large<br />
IT infrastructures<br />
79