Course Information
In-depth knowledge of computer security is needed when designing secure information systems and (computer) applications. In particular, it is important to understand how security protocols and cryptographic methods should be applied to obtain secure applications. Since attacks on systems will occur, it is also important to understand how intrusions can be analyzed and how they should be dealt with in a professional way. Furthermore, one should understand how "the enemy" works and thinks in order to reach his/her goal.
Topics:
- Computer Forensics: principles, standard practices, tools
- Digital signatures: digital signatures in reality, Public Key Infrastructure (PKI) (certificates, revocation, CA, RA, X.509), XML signatures
- Secure networks: authentication methods, RADIUS, DIAMETER; description and comparison of IPsec/VPN, TLS, SSL; WLAN security; UMTS; Denial of Service (DoS) attacks; Internet security
- Special crypto algorithms: blind signatures, e-voting, dual signatures
- E-commerce: solutions ("Amazon.com", "SET", "E-cash"), micro-payment
- DRM system: DRM (ebook, OMA DRM Phase 2)
- Trusted Platforms: TCG solutions, Smartcard, SELinux
- Security in mobile phones: Android, MeeGo
Literature:
Lecture notes in the form of PowerPoint slides and articles.