The master programme consists of the following six mandatory courses,
two per semester, worth 6 ECTS each. Each location (University of Twente (UT),
Eindhoven University of Technology (TU/e), and Radboud University Nijmegen
(RU)) offers exactly two of these courses, as indicated below.
-
Introduction to computer security:
P. Hartel
(UT)
-
Content:
Protocols, passwords, access control, distributed systems security,
multilevel security, multilateral security, monitoring systems, biometrics,
physical tamper resistance, network attack and defense, protecting
e-commerce systems, copyright and privacy protection.
Style: lecture + paper assignment
Examination:
Written examination 50%. Students earn the remaining 50% of the marks
by writing an extended abstract or a paper on security. A short
abstract must be submitted and approved prior to writing the paper.
Materials:
R. J. Anderson, Security Engineering: A guide to building dependable
distributed systems, John Wiley & Sons Inc, New York, 2001, ISBN
0-471-38922-6
-
Cryptography 1:
prof.dr.ir. H.C.A. van Tilborg
(TU/e)
-
Content:
Basic mathematical background to cryptography, symmetric and
asymmetric cryptographic algorithms, hashes, randomness, signatures,
simple cryptographic protocols.
Style: Lecture, 2 hours per week
Examination: Written exam.
Materials: H.C.A. van Tilborg, Fundamentals of Cryptology: A Professional Reference and
Interactive Tutorial, Kluwer Academic Publishers, 2000.
-
Software security:
E. Poll, M. van Eekelen
(RU)
-
Content:
What is software security?
Common software vulnerabilities:
lack of input validation (buffer overflows, SQL injections, etc.),
race conditions, access control, etc.
Design flaws. Implementation flaws. Deployment flaws.
Case studies.
Language level security:
typing; tainting input data; untrusted code security.
Application level security:
runtime monitoring; static analysis; verification; JML, Spec#.
Software evaluation.
Case studies.
Style: 2 hc, student assignment
Examination:
Materials:
-
Verification of Security Protocols:
J.I. den Hartog and S. Etalle
(TU/e)
-
Content:
Modelling of black box security protocols,
intruder model, security requirements,
BAN logics and other security protocol logics,
process algebraic approach to security protocol verification,
model checking. Spi calculus, strand spaces, operational models,
security protocols in action.
Style: Lecture, 2 hours per week
Examination: Assignments.
Materials:
-
Security in organisations:
Peter van Rossum
(RU)
-
Content:
Security policies. Roles. Classifications. Assets and threats. Risk,
vulnerability, control, attack, damage. Risk analysis. Methods/tools for
risk analysis. CERTs. Risk assessment and risk management. Code of Practice
for Information Security (BS7799). Evaluation of information security, like
ITSEC and the Common Criteria. Security plan, attack trees, business
continuity planning/incident recovery. Legal
issues: patents and copyright.
Style:
Examination:
Materials:
-
Network security:
Aiko Pras, G. Karagiannis
(UT)
-
Content:
This course discusses the principles behind network security, the main
protocols, and the network security mechanisms and techniques used in wired
and wireless networks. The course covers: network
protocols (MSc Security) / cryptography principles (others), IP
security, Email security, Web security, secure management, Intruders,
Viruses, Firewalls and Privacy.
Style: lecture + paper assignment
Examination:
Written examination (50%) with complementary assignment and tests (50%)
Materials:
- Network Security Essentials - Applications and Standards (2nd ed.), William
Stallings, Prentice Hall, ISBN 0-13-120271-5
- Computer Networking: A Top-Down Approach Featuring the Internet, James
F. Kurose & Keith W. Ross: ISBN 0-321-26976-4