Catalogue of Modules M. Sc. Security Management (2014)

Catalogue of Modules M. Sc. Security Management (2014) May 2014

Imprint
Author: Prof. Dr. Sachar Paulus
Editor: Prof. Dr. Sachar Paulus
Printing: Druckerei der Fachhochschule Brandenburg
Contact: Fachhochschule Brandenburg University of Applied Sciences, Magdeburger Str. 50, 14770 Brandenburg an der Havel
T +49 3381 355-101
F +49 3381 355-199
E sachar.paulus@fh-brandenburg.de
www.fh-brandenburg.de
Last updated: 21 February 2014
Fachhochschule Brandenburg
Catalogue of Modules M. Sc. Security Management V. of 2014 May 2014

Table of Contents
1. Introduction
2. Principles of Security Management
3. Security and Crisis Management in the international Context
4. Law, Compliance and Data Protection
5. Organizational Elements of Security Management
6. Network Security
7. Mathematical and Technical Foundations of IT-Security
8. Secure ICT Infrastructures and IT Services
9. Secure Systems Lifecycle Management
10. Scientific Writing
11. Project
12. Master s Thesis

1. Introduction

This document contains the descriptions of the mandatory modules of Brandenburg University of Applied Sciences M. Sc. Degree program on Security Management. The module content is of 2014. Students can choose a profile amongst a number of offerings. Part of the content consists of compulsory optional modules that the program management selects every term. The descriptions for compulsory optional modules can be found in a separate document, since they change relatively often.

Module overview

Terms 1 and 2 (30 CP each):
- Fundamentals of Security Management (6CP)
- Security and Crisis Management in International Contexts (6CP)
- Law, Compliance and Data Protection (6CP)
- Organizational Elements of Security Management (6 CP)
- Secure ICT Infrastructures and IT Services (6CP)
- Mathematical and Technical Foundations of IT Security (6CP)
- Secure Software Lifecycle Management (6CP)
- Network Security (6CP)
- Project (6CP)
- Scientific Writing (6CP)

Term 3 (9 CP):
- Compulsory Optional Module 1 (3CP)
- Compulsory Optional Module 2 (3CP)
- Compulsory Optional Module 3 (3CP)

Master Thesis incl. Colloquium (21CP): 21 CP

Total: 90 CP

Topic areas: Security Management; Law and Business Management; Mathematical and Technical Foundations; IT-Security; Scientific Work; Compulsory Optional Modules

2. Principles of Security Management

Brief module label: PrinciplesSecurityManagement
Module description: Principles of Security Management
Division in teaching sessions, if applicable:
Duration of module: One semester
Classification in the curriculum: SM Ma, 1st semester, required module
Usability of the module: The module is also offered as a compulsory lecture for the Master s course Business Informatics. The module can also be offered for Master s Informatics.
Frequency of offering of modules: Every academic year
Author: Prof. Dr. Sachar Paulus
Private lecturer: Prof. Dr. Sachar Paulus
Language of instruction: German
Prerequisites: None
ECTS-Credits: 6
Total workload and its composition: 180 hours = 60 hours of attendance and 120 hours of self-study
Form of teaching/semester hours per week:
- Lecture: 1 semester hour per week
- Exercise: 1 semester hour per week
- Practical application based on case studies: 2 semester hours per week
- Total: 4 semester hours per week
Study and examination achievements: Homework (50%), Presentation (50%).
Weighting of the grade in the overall grade: 2/5 of the subject grade; 13.5% of all subject grades; 4.725% of the final grade

Learning outcomes:
The objective is to enable the students to acquire basic knowledge and skills in the following aspects of learning:
- Preparation of security investigations
- Conducting risk evaluations
- Analysis of conditions of security and the significance of counter measures
- Development of understanding the importance of security in the process of decision making by entrepreneurs
- Assessment of organisation of security in enterprises
- Mapping exemplary security processes with the use of IT tools
- Drafting security measures and presenting the same to a committee of decision makers successfully
In addition, the students are expected to achieve the following results of learning:
- Establish a security organisation in an enterprise
- Prepare a skill profile for an individual in charge of security
- Integrate IT and non IT security relevant aspects
- Introduce a security management system in an organisation
- Prepare a strategy for a section of IT, information or corporate security

Contents:
Primary aspects of corporate security:
- Security Governance and Security Management System
- Security Organisation
- Security Policy
- Risk management
- Security analyses
- Security processes
- Norms and standards for information security
- Return-on-Security-Investment calculations
- Crisis management
- Business Continuity Management
Additionally: Selected specific areas of the IT and corporate security

Teaching and learning methods: Interactive combination of lectures, preparations and presentation of contents, demonstration of concepts, practical tasks for groups, preparation of own content and role play.

Literature:
- Security Management 2011: Manual of information security, IT security, security of locations, White-collar criminality and Management liability by Guido Birkner, 2011.
- Handbuch Unternehmenssicherheit [Manual of Corporate Security]: Comprehensive security, continuity and risk management with system by Klaus-Rainer Müller, 2010.
- Unternehmenssicherheit [Corporate Security] by Stephan Gundel, and Lars Mülli, 2009.
- Security Risk Management Body of Knowledge by Julian Talbot, Miles Jakeman, Wiley 2009.

Additional information:

3. Security and Crisis Management in the international Context

Brief module label: SecurityCrisisManagementInternational
Module description: Security and Crisis Management in the international Context
Division in teaching sessions, if applicable:
Duration of module: One semester
Classification in the curriculum: SM Ma, 2nd semester, required module
Usability of the module:
Frequency of offering of modules: Every academic year
Author: Prof. Dr. Sachar Paulus
Private lecturer: Prof. Dr. Sachar Paulus
Language of instruction: German, partly English (10%)
Prerequisites: None
ECTS-Credits: 6
Total workload and its composition: 180 hours = 60 hours of attendance and 120 hours of self-study
Form of teaching/semester hours per week:
- Lecture: 2 semester hours per week
- Exercise: 1 semester hour per week
- Practical application based on case studies: 1 semester hour per week
- Total: 4 semester hours per week
Study and examination achievements: Written examination or oral examination
Weighting of the grade in the overall grade: 2/5 of the subject grade; 13.5% of all subject grades; 4.725% of the final grade

Learning outcomes:
The objective is to enable the students to acquire knowledge and skills in the following aspects of learning:
- Analysis of security systems in the international context while taking into account the cultural, political and geographical conditions
- Management of security organisation in international corporations
- Preparation of security measures during travel or delegation of employees to foreign countries
- Introduction of a crisis management system
- Reaction in international crisis situations
- Controlling the global crisis communication
- Influencing the public perception of security topics

Contents:
- Security management in global organisations
- Travel Security
- Security during delegation of employees
- Crisis management in the international context
- Communication during crises: principles and procedures for communication during crisis situations
- Internal and external crisis communication
- Message House
- Handling media during crisis situations
- Public image of security
- Campaigns for security topics

Teaching and learning methods: Interactive combination of lecture, preparation and presentation of content, demonstration of concepts, practical tasks for groups, preparation of own content and role play.

Literature:
- Notfall- und Krisenmanagement im Unternehmen [Emergency and Crisis Management in Companies] by Axel Bédé, 2009.
- Unternehmenskrisen und Krisenmanagement [Corporate Crises and Crisis Management] by Ronny Scharschmidt, 2009.
- Führen in Krisensituationen [Managing during Crisis Situations] by Markus Klaus, 2008.
- Global Threat: Target-Centered Assessment and Management by Robert Mandel, 2008.
- Security Risk Management Body of Knowledge by Julian Talbot and Miles Jakeman, 2009.

Additional information:

4. Law, Compliance and Data Protection

Brief module label: LawComplianceDataSecurity
Module description: Law, Compliance and Data Security
Division in teaching sessions, if applicable:
Duration of module: One semester
Classification in the curriculum: SecMan Master, 1st semester, required module
Usability of the module:
Frequency of offering of modules: Every academic year
Author: Prof. Dr. Sachar Paulus
Private lecturer: Prof. Dr. Michaela Schröter, Dipl. iur. Raoul Kirmes M.Sc., CISA, QMA
Language of instruction: German
Prerequisites:
ECTS-Credits: 6
Total workload and its composition: 180 hours = 60 hours of attendance and 120 hours of self-study
Form of teaching/semester hours per week: Lecture: 4 semester hours per week
Study and examination achievements: Study assignments (30%), Written examination (70%).
Weighting of the grade in the overall grade: 2/3 of the subject grade; 8.33% of all subject grades; 2.916% of the final grade

Learning outcomes:
This course aims to enable the students to acquire knowledge and skills in the following aspects of learning:
- Identification of relevant legal position of important activities concerned with security in organisations
- Application of national, European and international legislations in order to meet the compliance specifications for companies
- Enabling critical discussion with legal target conflicts and for submitting an appropriate evaluation of the risk situation for companies as those affected by regulations

Contents:
1. Introduction to juristic methodology
2. European and international security law
3. Introduction to the WTO law (focus on international law on product safety)
4. System of fundamental freedom and national security interests
5. Technical trade restrictions in security law
6. Compliance in the international context
7. International, European and national accreditation law
8. Principles of contractual liability (§ 280 BGB)
9. Principles of tortious liability (§ 823ff BGB, ProdHaftG)
10. Law governing the private security trade
11. Overview of the German law governing weapons
12. Main features of law of criminal proceedings
13. Electronic legal relations (ecommerce/signature law)
14. International emoluments and principles of law governing data security

Teaching and learning methods: Lecture

Literature:
- Harald Jele, Wissenschaftliches Arbeiten: Zitieren [Scientific Working Methods: Quoting], Kohlhammer, 3rd ed., 2012
- Calliess/Ruffert, EUV/AEUV 4th ed. 2011.
- Röhl, Akkreditierung und Zertifizierung im Produktsicherheitsrecht [Accreditation and Certification in Law Governing Product Safety], Springer Verlag 2000.
- Ensthaler, Zertifizierung und Akkreditierung technischer Produkte [Certification and Accreditation of Technical Products], Springer Verlag 2007.
- Martin Schulte, Handbuch des Technikrechts [Manual of Law Governing Technology], 2nd ed. Springer Verlag, 2010.
- Abbott/ Kirchner/ et.al., International Standards and the Law, Stämpfli Verlag AG, 2005.
- Kurt Schellhammer, Schuldrecht nach Anspruchsgrundlagen [Law of Obligations According to Principles of Claims], 8th ed., 2011.
- Martin Kutscha, Handbuch zum Recht der Inneren Sicherheit [Manual of Law Governing Internal Security], 2nd ed., BWV Verlag, 2006.
- Rolf Stober, Sven Eisenmenger, Besonderes Wirtschaftsverwaltungsrecht [Special Business Administration Law], 15th ed., Verlag Kohlhammer, 2011
- Knemeyer: Polizei- und Ordnungsrecht [Police and Law Governing Public Order], Beck, 2007
- Busche: Waffenrecht 2012 [Weapons law 2012], Kiel 2012
- Hoeren: Internet- und Kommunikationsrecht [Internet and communication law], Otto Schmidt Cologne 2012
- Schade: Arbeitsrecht [Labour law], Kohlhammer 2010
- Martin T. Biegelman, Building World-Class Compliance Program: Best Practices and Strategies for Success, John Wiley & Sons; 2008.
- Acquisti/ Gritzalis/Lambrinoudakis, Digital Privacy: Theory, Technologies, and Practices, Auerbach Pubn, 2007
- Sanjay Anand, Essentials of Sarbanes-Oxley, John Wiley & Sons, 2007.
- CCH Incorporated, SEC Compliance and Disclosure Interpretations, Harcourt Professional Publishing, 2009.
- Reyes, Carla, WTO-compliant Protection of Fundamental Rights: Lessons from the EU 'Privacy Directive', Melbourne Journal of International Law, Vol. 12, No. 1, Jun 2011: 141-176.
- Spiros Simitis, Bundesdatenschutzgesetz [Federal Law Governing Data Security], Nomos, 7th ed., 2011.
- Current legal texts

Additional information: Assignments for thorough reading

5. Organizational Elements of Security Management

Brief module label: SM_MA_OrgAsp_Sicherheitsmanagement
Module description: Organizational Elements of Security Management
Division in teaching sessions, if applicable:
- Security Leadership and Strategy Development
- Physical Security
Duration of module: One semester
Classification in the curriculum: SM Ma, 2nd semester, required module
Usability of the module:
Frequency of offering of modules: Every academic year
Author: Prof. Dr. Sachar Paulus
Private lecturer: Prof. Dr. Robert Franz, Prof. Dr. Friedrich Holl, Holger Könnecke, Gerhard Reinhardt
Language of instruction: German
Prerequisites: None
ECTS-Credits: 6
Total workload and its composition: 180 hours = 60 hours of attendance and 120 hours of self-study
Form of teaching/semester hours per week: Lecture: 2 x 15 hours; Working on examples: 2 x 15 hours
Study and examination achievements: Written report + presentation and/or oral examination
Weighting of the grade in the overall grade: 6,25 of the final grade

Learning outcomes:
The objective is to enable the students to acquire basic knowledge and skills in the following aspects of learning:
- Knowing the principles of successful corporate governance
- Influencing the corporate leaders for observing the security aspects and for constructive handling of crisis situations
- Derivation of a security strategy and security goals out of the corporate strategy
- Development of a strategy to strengthen the ethical aspects of corporate governance
- Resolution of conflicts
- Knowing the methods of protection and safety engineering
- Analysis of the possibilities of use and effectiveness of protective mechanisms against elementary damage, mechanical safety installations, hazard alert systems and surveillance systems
- Planning of a security system network
- Evaluation of solutions available in the market
- Appraisal of the legal aspects for the deployment of individual security mechanisms

Contents:
- Functions of corporate governance (development of corporate goals, principles, culture; Formulation of strategies; Human Resources and Negotiations Management; international aspects in the global competition)
- Integration of security goals with the corporate strategy
- Ethical aspects of corporate governance (anti-corruption strategies, Code of Conduct etc.)
- Conflict management (conflict diagnosis, typology of conflicts, escalations, strategies for conflict handling)
- Fundamentals of building safety
  - Terminology and overview of areas of tasks and available options
  - Engineering principles
- Physical attacks and their effect
  - Elementary damage
  - Attackers, their aims and methods of attack
  - Weapons and their effect
  - Radiation of electronic devices
- Mechanical safety systems and access control
  - Locks, locking systems and their security
  - Securing doors, windows and fences against attacks
  - Secure storage and data cabinets
  - Engineering and legal regulations and directives
- Hazard alert systems
  - Fundamentals
  - Burglary alarm systems
  - Attack alert systems
  - Installation failure alert systems
  - Fire alarm and fire fighting systems
  - Engineering and legal regulations and directives
- Surveillance systems
  - Technical possibilities
  - Open and hidden monitoring
  - Engineering and legal regulations and directives
- Emergency planning and operational safety
  - Consequential damage analysis
  - Handling untoward incidents

Teaching and learning methods: Lecture

Literature:
- K. Macharzina: Unternehmensführung [Corporate Governance]
- T. Hutzschenreuther: Krisenmanagement [Crisis Management]
- F. Glasl: Konfliktmanagement [Conflict Management]
- B. Stackpole, E. Osendahl: Security Strategy: From Requirements to Reality.
- Physical Security Systems Handbook by Michael Kairallah, 2005.
- Current Journals and Magazines covering the topic: kes, Der Sicherheitsberater [The Safety Advisor], S&I.

Additional information:

6. Network Security

Brief module label: SM_Ma_Network Security
Module description: Network Security
Division in teaching sessions, if applicable:
Duration of module: One semester
Classification in the curriculum: SecMan Master, 1st semester, required module
Usability of the module:
Frequency of offering of modules: Every academic year
Author: Prof. Dr. Eberhard von Faber
Private lecturer: Dipl. Ing. Dietmar Hausmann
Language of instruction: German
Prerequisites: Importance of IT security and its role in practice; technical and physical basic knowledge; knowledge of the basics of Internet networks, Operating Systems and cryptography-based techniques
ECTS-Credits: 6
Total workload and its composition: 180 hours = 60 hours of attendance and 120 hours of self-study
Form of teaching/semester hours per week: Lectures at least 30 hours, practice at least 30 hours
Study and examination achievements: Written report + presentation or oral examination
Weighting of the grade in the overall grade: 6,25 % of the final grade

Learning outcomes:
- Familiarization with the threats and challenges in networks, including important counter measures in the form of protocols and various security solutions
- Familiarization with the functioning of these solutions, understanding of their use, operation and interaction; ability to integrate and deploy independently some of these solutions; familiarization with supplementing measures and solutions
- Development of ability to analyse requirements and industrial practical factors and to integrate solutions based on the practical example of an industrial solution
- Familiarization with security modules and embedded systems as core components for distributed systems; properties, challenges and use

Contents:
- Extended principles of Internet networks (TCP/IP Protocol, ISO/OSI, Routing, active components, cryptography)
- Dangers in the use of IT, categories of threats, weak points and hazards
- Security management, security audits with tools, network monitoring and network logging
- Attacks and counter measures
- Cryptography applications (encrypted communication, VPN protocols, certificates)
- Web Server Security, Email security
- In depth study and practical application of project topics on Firewalls, Honeypots and Intrusion Detection Systems, WLAN security and VPN

Teaching and learning methods: Combination of lectures, exercises based on one s own computer and lab exercises; lectures deploying different media; tasks and exercise examples; control questions/revision course

Literature:
- Cisco Networking Academy: CCNA Exploration Companion Guide, Vol. 1-4, Cisco Press, 2008
- Alexander Michael: Netzwerke und Netzwerksicherheit - Das Lehrbuch [Networks and Network Security the text book], Hüthing publishers, 2006.
- Plötner Johannes, Wendzel Steffen: Praxishandbuch Netzwerk-Sicherheit [Practical Manual of Network Security], Galileo Computing, 2007.
- Other reference works on special project topics (VPN, IPSec, IPv6, IDS, WLAN, Attacks, and many more)
- Scripts and other teaching materials will be distributed directly to the students during the lecture, or made available on the learning platform of the university.

Additional information:

7. Mathematical and Technical Foundations of IT-Security

Brief module label: SM_MA_MathTechGrundlagen
Module description: Mathematical and Technical Foundations of IT-Security
Division in teaching sessions, if applicable:
- Foundations of Forensics and Auditing
- Foundations of Technical Security
Duration of module: One semester
Classification in the curriculum: SecMan Master, 1st semester, required module
Usability of the module:
Frequency of offering of modules: Every academic year
Author: Prof. Dr. Sachar Paulus
Private lecturer: Prof. Dr. Igor Podebrad, Ralph Wölpert
Language of instruction: German
Prerequisites:
ECTS-Credits: 6
Total workload and its composition: 180 hours = 60 hours of attendance and 120 hours of self-study
Form of teaching/semester hours per week: Lecture: 2 x 30 hours
Study and examination achievements: Written or oral examination
Weighting of the grade in the overall grade: 6,25% of the final grade

Learning outcomes:
This course aims to enable the students to acquire knowledge and skills in the following aspects of learning:
Application of the mathematical and technical foundations to security, especially:
- Organisation of IT forensic analyses and IT audits
- Operating IT systems while taking into account the requirements of IT forensics and IT auditing
- Development and implementation of IT forensics related security guidelines
- Evaluation of the usability of IT audit results for forensics
- Selection of security technology
- Understanding and explanation of the basic principles of technical security systems

Contents:
- Legal prerequisites for IT forensics
- Principles of IT auditing
- Organisation of IT forensic analyses
- Security technology: tools, systems and applications

Teaching and learning methods: Lecture and exercises in small groups

Literature:
- IT-Forensik [IT Forensics] by Alexander Geschonnek, 2011
- The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics by John Sammons, 2012
- Handbuch der Sicherheitstechnik: Freigeländesicherung, Zutrittskontrolle, Einbruch- und Überfallmeldetechnik by Georg Walz, 1992

Additional information:

8. Secure ICT Infrastructures and IT Services

Brief module label: SM_MA_SichereIKTInf_ITDienste
Module description: Secure ICT Infrastructures and IT Services
Division in teaching sessions, if applicable:
- Secure ICT Infrastructures (1st term)
- Secure IT Services (2nd term)
Duration of module: Two terms
Classification in the curriculum: SM Ma, 1st and 2nd semester, required module
Usability of the module:
Frequency of offering of modules: Every academic year
Author: Prof. Dr. Eberhard von Faber
Private lecturer: Dr. Eberhard von Faber
Language of instruction: German
Prerequisites: Importance of IT Security and its role in practical applications; technical and physical principles; basics of internet network technology, operating systems and cryptology technologies. Basic knowledge of business processes and corporate governance; Knowledge of Information and Communications Technology: Applications, Systems and Networks, including the underlying technology.
ECTS-Credits: 6
Total workload and its composition: 180 hours = 60 hours of attendance and 120 hours of self-study
Form of teaching/semester hours per week: 2 x 30 hours lecture using different media, project work and self testing elements.
Study and examination achievements: Practical examination + presentation or oral examination
Weighting of the grade in the overall grade: 6,25% of the final grade

Learning outcomes:
This course aims to enable the students to acquire knowledge and skills in the following aspects of learning:
- Development of the ability to integrate the required solutions adequately into various ITC infrastructures and usage scenarios; familiarization with service models including Cloud Computing and its implications
- Development of ability to analyse requirements and industrial practical factors and to integrate solutions based on the practical example of an industrial solution
- Familiarization with security modules and embedded systems as core components for distributed systems; properties, challenges and use; principles of usage and on the security of chip cards
- Details of PKI as infrastructure for secure communication, including testing schemes as international infrastructure for the risk management based on the example of payment systems
- Understanding of technologies and organisation of modern (industrial) ITC production, and especially the incidental security questions
- Usage and integration of IT services in business processes; assessment of security requirements, evaluation and selection of IT services
- Successful implementation of Identity and Access Management (IAM): understanding of basic terminology, architectures and technologies; planning and implementation in companies and in complex value-added chains

Contents:
- Fundamentals of ITC production; ITC architectures and infrastructure elements; Security aspects; Management of solutions for the system and network security; processes and organisation; Tasks ranging from weak point management to Disaster Recovery
- User and Producer: IT services; Security requirements, evaluation, selection and integration; Security and risk management in outsourcing, basic problems and sourcing models
- Enterprise Security Architecture: ICT Production, Service Design, Transition, Service Delivery Management, Security Management, GRC
- Basic terminology IAM (from Identification to Accounting),
- Authentication: Types, methods, technologies; problems and solutions; Architectures and distributed systems (e.g. LDAP, RADIUS, Kerberos, ESSO, Single Sign-On, Federation),
- Authorization: Services and limitations; Strategies (DAC, MAC, RBAC, IF); Realization (Groups, Roles, ACL, Capabilities); Alternatives; Trends and Outlook including DRM,
- Identity Management: Administrative tasks, Registration, Workflows, Enrolment; Credential Management, User Self-Service, UHD etc.
- Accounting; Analytics; Attestation; Intelligence, SOD
- IAM-Architectures (the whole picture); Infrastructures
- Erection and implementation of IAM programs in large enterprises
- Integration of various solutions in the ITC network: business processes vs. ITC; Usage scenarios vs. ITC; service models and Cloud Computing: division of labour,

service models, security management Learning situation of a special industry application: requirements and solutions; Practical factors and their outcome, result and practice in industry Components for distributed systems and mobility: Embedded Systems; Properties, challenges and solutions; Internet of things; Life Cycle; Device Management and Security Design; Practical seminar: application, technology of the chip cards and practical attacks PKI: an infrastructure for secure communication (visible or invisible; function, realization, practice) Assurance: an infrastructure for Trust and Security in a (global) division of labour in industrial value-added chains Teaching and learning methods: Literature: Lecture utilizing various media, project assignments for practice, in depth study and self checks, including control questions/revision course Alexander Tsolkas and Klaus Schmidt: Rollen und Berechtigungskonzepte, Ansätze für das Identity- und Access Management im Unternehmen [Roles and Authorization Concepts, Approaches for the Identity and Access Management in the Company]; August 2010, Vieweg+Teubner Martin Kappes: Netzwerk- und Datensicherheit, Eine praktische Einführung [Network and Data Security, A Practical Introduction]; Vieweg+Teubner Hans-Peter Königs: IT-Risiko-Management mit System, Von den Grundlagen bis zur Realisierung. Ein praxisorientierter Leitfaden [IT Risk Management with System, From the Basics to Realization. A Practiceoriented Guide], Vieweg Claudia Eckert: IT Security, Concepts - Methods Protocols J. R. Winkler: Securing the Cloud: Cloud Computer Security Techniques and Tactics, Syngress. Current Journals and Magazines on the topic: kes, Der Sicherheitsberater [The Security Advisor], S&I. 
Anderson, Ross: Security Engineering, A Guide to Building Dependable Distributed Systems; John Wiley & Sons Common Criteria for Information Technology Security Evaluation; www.commoncriteriaportal.org or ISO 15408 Rankl, Wolfgang and Wolfgang Effing: Handbuch der Chipkarten, Aufbau, Funktionsweise, Einsatz von Smart Cards; [Manual of Chip Cards, Structure, Functioning, Usage of Smart Cards] by Hanser technical publishers Additional information: Seite 21/29 Catalogue of Modules M. Sc. Security Management V. of 2014 May 2014

9. Secure Systems Lifecycle Management

Brief module label: SM_MA_SecureSystems
Module description: Secure Systems Lifecycle Management
Division in teaching sessions, if applicable:
Duration of module: One semester
Classification in the curriculum: SecMan Master, 2nd semester, required module
Usability of the module: The module can also be offered as compulsory optional module for WI [Information Systems] and Computer Science Master degree programmes.
Frequency of offering of modules: Every academic year
Author: Prof. Dr. Sachar Paulus
Private lecturer: Prof. Dr. Sachar Paulus
Language of instruction: 80% German, 20% English
Prerequisites: Initial experience in programming web applications for an exemplary scenario. Normally, this should be ensured by studies completed until this point of time. Alternatively: self-study, for example, based on "PHP 5.3: Program Dynamic Websites Professionally" by Christian Wenz and Tobias Hauser (December 2009)
ECTS-Credits: 6
Total workload and its composition: 180 hours = 60 hours of attendance and 120 hours of self-study
Form of teaching/semester hours per week: 30 h lecture, 30 h exercises and supervised self-practice
Study and examination achievements: Practical examination + presentation or oral examination
Weighting of the grade in the overall grade: 6,25% of the final grade

Learning outcomes: This course aims to enable the students to acquire knowledge and skills in the following aspects of learning:
- Knowledge and application of the best practices taught for secure software during the development of IT-based systems
- Development of acceptance criteria for non-functional security requirements
- Carrying out threat modelling
- Avoidance of vulnerabilities during development
- Carrying out security checks
- Secure installation and operation of software
- Establishment of a Security Response Program
- Analysis of existing software for security-related vulnerabilities
- Development and implementation of a protective program for software during system development
- Establishment of a Management System for security in the development process, and integration of such a Management System into a possibly available quality process
- Carrying out security analyses ("Hacking")
- Presentation of investigation results

Contents: Basic principles of secure software development:
- Security requirements
- Safe designing and threat models
- Architecture analyses
- Secure coding
- Security checks
- Secure systems
- Security Response
- Protection of own software against manipulation and know-how theft

Teaching and learning methods: Interactive combination of lecture, exercises on own computer, lab exercises, preparation and presentation of content, demonstration of concepts, practical tasks in groups.

Literature:
- Basiswissen sichere Software [Basics of secure software] by Sachar Paulus, dpunkt 2011.
- Software-Qualität, Testen, Analysieren und Verifizieren von Software [Software Quality, Testing, Analysis and Verification of Software] by Peter Liggesmeyer, Spektrum Akademischer Verlag, 2002.
- Writing Secure Code by Michael Howard & David LeBlanc, 2003
- www.owasp.org

Additional information:

10. Scientific Writing

Brief module label: SM_MA_WissSchreiben
Module description: Scientific Writing
Division in teaching sessions, if applicable: Semester Thesis 1; Semester Thesis 2
Duration of module: Two terms
Classification in the curriculum: SecMan Master, 1st and 2nd term, required module
Usability of the module:
Frequency of offering of modules: Every academic year
Author: Prof. Dr. Sachar Paulus
Private lecturer: Prof. Dr. Friedrich Holl and all other participating teaching faculty members
Language of instruction: German
Prerequisites:
ECTS-Credits: 3
Total workload and its composition: 180 hours = 60 hours of attendance and 120 hours of self-study
Form of teaching/semester hours per week: Each semester 15 h lecture and 15 h seminar including presentations by students
Study and examination achievements: Written assignments
Weighting of the grade in the overall grade: 6,25% of the final grade

Learning outcomes / Contents:
- Preparation of scientific papers related to the topic of security
- Methods of collection of data (statistics, interviews, primary/secondary sources)
- Source discussion: research, reading, evaluation
- Creative techniques and self-organisation
- Situation-related requirements for writing styles (advertising, press releases, scientific papers etc.)
- Preparation of an exposé
- Methodical structure of scientific papers
- Phases of scientific working methods
- Material collection and research
- Material evaluation and selection
- Material and topic processing
- Method of quoting

Teaching and learning methods: Lecture, discussion, presentation of own results.

Literature:
- DIN 1421 (Classification and Numbering System in texts)
- Eco, U. (2005) Wie man eine wissenschaftliche Abschlussarbeit schreibt - Doktor-, Diplom- und Magisterarbeit in den Geistes- und Sozialwissenschaften [How to Compile Final Thesis for Doctorate, Graduate and Postgraduate Studies in Humanity and Social Science Studies], Müller, Heidelberg
- Theisen, Manuel R.: Scientific Papers Technique & Methodology, Form, 2000.
- Peterssen, Wilhelm H.: Scientific Papers - An Introduction for School and Studies, 1999.

Additional information:

11. Project

Brief module label: SM_MA_Projekt
Module description: Project
Division in teaching sessions, if applicable:
Duration of module: One term
Classification in the curriculum: SecMan Master, 2nd term, required module
Usability of the module:
Frequency of offering of modules: Every academic year
Author: Prof. Dr. Sachar Paulus
Private lecturer: Prof. Dr. Friedrich Holl and all other participating teaching faculty members
Language of instruction: German
Prerequisites:
ECTS-Credits: 6
Total workload and its composition: 180 hours = 60 hours of attendance and 120 hours of self-study
Form of teaching/semester hours per week: Lecture: 15 h; Practical, demonstration of work: 45 h
Study and examination achievements: Practical work + presentation
Weighting of the grade in the overall grade: 6,25% of the final grade

Learning outcomes: This course aims to enable the students to acquire knowledge and skills in the following aspects of learning:
- Conducting security projects
- Planning a security-related project while following all requirements of security
- Application of project management methodologies

Contents:
Problem identification:
- Systematic preparation of the state-of-the-art technology
- Integration into the available practical context
- Basic conditions of deployment
- Use of different techniques of analysis such as interview method, questionnaire, Delphi method, preparation of the context concerning documents and so on.
Development of expected concepts:
- Systematically founded development of a practice-oriented approach to solutions
- Use of creative methods
- Cost-benefit analyses
- Development of basic conditions for deployment
Prototypical implementation:
- the prototypical implementation is carried out by developing a software prototype
- implementation in an enterprise/organisation or e.g. development of an application for R&D sponsorship

Teaching and learning methods: Lecture, practical work in groups comprising maximum 7 participants, presentation of own results.

Literature: A Guide to the Project Management Body of Knowledge, PMI, 2008

Additional information: For this course, the candidate's willingness to undertake practical work with cooperating partners is a prerequisite.

12. Master's Thesis

Brief module label: Master's Thesis
Module description: Master's Thesis incl. Master's Seminar
Division in teaching sessions, if applicable:
Duration of module: One semester
Classification in the curriculum: SecMan Master, 3rd term, required module
Usability of the module:
Frequency of offering of modules: Every academic year
Author: Prof. Dr. Sachar Paulus
Private lecturer: All faculty members of the university teaching in the course
Language of instruction: German / English (as per student's option).
Prerequisites: Only candidates who have successfully completed all examinations and course achievements, except the compulsory optional modules, may register for the Master's Thesis.
ECTS-Credits: 21
Total workload and its composition: 600 hours of self-study
Form of teaching/semester hours per week: Self-study.
Study and examination achievements: Master's Thesis (75%), Colloquium (25%)
Weighting of the grade in the overall grade: 30% of the final grade

Learning outcomes: This course aims to enable the students to acquire knowledge and skills in the following aspects of learning:
- Preparation of a scientific paper under guidance, with own creative and/or constructive contributions, on the topic of Security Management within a period of 4 months

Contents: The Master's Thesis is intended as a coherent engagement with an extensive topic and the resulting solution to a theoretical or practical problem.

Teaching and learning methods: Self-study.

Literature:
- Booth, W. C. et al. (1995). The Craft of Research. Chicago, London
- Brown, S. R. et al. (1990). Experimental Design and Analysis. London
- Cialdini, R. B. (2001). Influence, Science and Practice. Boston, MA
- Hussey, J., Hussey, R. (1997). Business Research. A practical guide for undergraduate and postgraduate students
- Karmasin, M. et al. (1999). Die Gestaltung wissenschaftlicher Arbeiten: ein Leitfaden für Haus-, Seminar- und Diplomarbeiten sowie Dissertationen [The Designing of Scientific Papers: A Guide for Homework, Seminar and Graduation Papers and Dissertations]. Vienna
- Pyrczak, S. et al. (1998). Writing empirical Research Reports. Los Angeles, CA
- Seale, C. (1999). The quality of quantitative research. London
- Trochim, W. M. K. (2000). The Research Knowledge Base. Cincinnati, Ohio

Additional information: