The master programme consists of the following six mandatory courses,
2 per semester, worth 6 ects each. Each location (University of Twente (UT),
Eindhoven University of Technology (TU/e), and Radboud University Nijmegen
(RU)) offers exactly two of these courses, as indicated below.
-
Network security for Kerckhoffs students:
dr.ir. A. Pras, dr.ir. G. Karagiannis, dr.ir. P.T. de Boer, dr. R. Sadre
(UT)
-
Content:
In the first part (security mechanisms within network protocols) the following topics will be discussed: IPSec, SSH, SSL, HTTPS and security for wireless networks. The second part (systems security) discusses topics like: scans, intrusions, DOS attacks and firewalls. The last part (honeypots) is a lab session, where the students set-up their own honeypot and analyse the detected intrusions.
Style: Lecture & lab assignments
Examination:
Written examination (50%) with complementary assignment and tests (50%)
Materials:
Book: Network Security Essentials - Applications and Standards (Fourth ed.), William Stallings, Prentice Hall, ISBN 0-13-706792-5; Papers: to be downloaded via Blackboard.
Prerequisites:
A basic understanding of layered communication protocols/systems. This is covered, e.g., in the UT course Telematicasystemen en Toepassingen (261000).
-
Cryptography 1:
Tanja Lange
(TU/e)
-
Content:
Basic mathematical background to cryptography, symmetric and
asymmetric cryptographic algorithms, hashes, randomness, signatures,
simple cryptographic protocols.
Style: Lecture, 2 hours per week
Examination: Written exam.
Materials: H.C.A. van Tilborg, Fundamentals of Cryptology: A Professional Reference and
Interactive Tutorial, Kluwer Academic Publishers, 2000.
Prerequisites:
-
Software security :
E. Poll, M. van Eekelen
(RU)
-
Content:
What is software security?
Common software vulnerabilities:
lack of input validation (buffer overflows, SQL injections, etc.,
race conditions, access control, etc.
Design flaws. Implementation flaws. Deployment flaws.
Case studies.
Language level security:
typing; tainting input data; untrusted code security.
Application level security:
runtime monitoring; static analysis; verification; JML, Spec\#.
Software evaluation.
Case studies.
Style: 2 hc, student assignment
Examination:
Materials:
Prerequisites:
-
Verification of Security Protocols:
J.I. den Hartog and S. Etalle
(TU/e)
-
Content:
Modelling of black box security protocols,
intruder model, security requirements,
BAN logics and other security protocol logics,
process algebraic approach to security protocol verification,
model checking. Spi calculus, strand spaces, operational models,
security protocols in action.
Style: Lecture, 2 hours per week
Examination: Assignments.
Materials:
Prerequisites:
-
Security in organisations:
Eric Verheul, Klaus Kursawe, Gerhard de Koning Gans
(RU)
-
Content:
Security policies. Roles. Classifications. Assets and threats. Risk,
vulnerability, control, attack, damage. Risk analysis. Methods/tools for
risk analysis. CERTs. Risk assessment and risk management. Code of Practise
for Information Security (BS7799). evaluation of information security, like
ITSEC and the Common Criteria. Security plan, attack trees, business
continuity planning/incident recovery. Legal
issues: patents and copyright.
Style:
Examination:
Materials:
Prerequisites:
-
Security and Privacy in Mobile Systems:
Frank Kargl
(UT)
-
Content:
Mobile devices and wireless communication systems pervade our daily live at an
ever increasing speed. Recent security problems with wireless LANs,
contact-less chipcards, or cellular networks highlight that security of such
systems is a major concern. As such mobile devices are often equipped with
sensors like GPS and accompany us in our daily activities, usage of the
gathered data also creates privacy issues, e.g., locations of persons can be
traced using such devices. The lecture discusses mobile device security, 2G/3G
security, Bluetooth and RFID security, Security and Privacy in Wireless Ad-hoc
Networks and Vehicular Networks.
Style: 2h lecture plus seminar paper assignment and presentation plus lab
Examination:
Oral examination 60%. Seminar paper and presentation 40%.
Materials:
To be announced in the lecture.
Prerequisites:
Network Security (for Kerckhoffs Students)
