The following optional courses are offered to students of the master
programme by the three locations. These courses all concern
security-related topics and will be scheduled in such a way
that they can be followed by all students.
-
Introduction to Biometrics:
Raymond Veldhuis, B. Goekberk
(UT)
-
Content:
- Introduction (biometrics and its applications, overview of biometric recognition methods)
- The biometric recognition problem (Verification, Identification, Optimal classifiers, Other classifiers, Feature extraction, High- vs. low-level features, Dimensionality reduction)
- Estimating the parameters of a classifier (Training, The small sample size problem, Dimensionality reduction, Principal component analysis, Linear Discriminant analysis)
- Pre-processing and signal conditioning (Object detection, Alignment (registration), Normalization)
- "Hot topics" (3D face recognition, active appearance models, TBD)
- Applications and their specific requirements
Face recognition will be used throughout as an example.
Style: lecture + seminar
Examination:
(MATLAB) exercises, practical assignment, end paper.
Materials:
Selected book chapters and articles.
Prerequisites:
MATLAB, elementary statistics
-
Secure data management:
Willem Jonker
(UT)
-
Content:
The spectacular development of processing, storage, and communication technologies has spawned an increased awareness of and interest in secure data management in our Networked Information Society.
The course introduces the major building blocks for secure data management and teaches the master principles and current trends in advanced access control techniques and schemes, as well as advanced techniques for search in encrypted data.
Students practice the theories learned during the course by solving a real-world
security problem, like building a secure email server with advertisement
function, searching in encrypted data, etc.
Introduction to cryptography and private/public key management;
Search in encrypted data;
Digital rights management;
Access control for databases;
Identity Management;
Privacy Protection.
Style: 2hc + practical assignment
Examination: Written examination plus group assignments.
Materials: Reader Secure Data Management.
Prerequisites:
Must be familiar with the basics of data management techniques including
database query processing, index, etc. (given in the Database course).
Must also be familiar with basic security techniques such as hashing, public key encryption, etc.
-
Cryptography 2:
Berry Schoenmakers, Benne de Weger
(TU/e)
-
Content:
In this course we extend the exploration of cryptography from basic
cryptographic algorithms (covered in Cryptography 1) to cryptographic
protocols, and more generally to cryptographic systems. Whereas
cryptographic algorithms can be executed locally, by entities on their own,
a cryptographic protocol requires two or more entities to interact by
exchanging messages to jointly achieve a set of security (and privacy)
goals. A typical cryptographic system combines the use of several
cryptographic algorithms and protocols to provide security services to the
surrounding information systems.
The goal of this course is to treat a wide range of cryptographic protocols and
to get a basic understanding of the cryptographic systems that are in use
today. In some cases, the security goals will be defined formally, and some
cryptographic protocols will be accompanied by a security proof showing that
the goals are met.
Furthermore, practical examples of cryptographic systems will be treated
showing how security goals such as message protection, transaction security, or
access control can be achieved.
Style: Lecture, 2 hours per week
Examination: Written exam plus assignments
Materials: Lecture notes
Prerequisites:
-
Seminar Information Security Technology:
Boris Skoric, Alexander Serebrenik
(TU/e)
-
Content:
In the course of the seminar we will discuss a number of information security-related subjects,
such as side-channel attacks and security considerations in radio frequency identification
applications. The lecturers will provide an introduction to the chosen subjects. Students are
responsible for choosing a topic related to the subject proposed, performing a literature study,
and reporting on the findings in a proposed form (oral, written, oral and written).
Participation in all meetings is obligatory. Participants are expected to contribute
actively to the discussion as well as to review presentations by their peers.
Style: Seminar
Examination: Assignments (paper and presentation)
Materials:
Prerequisites:
-
Hacker's Hut:
Sandro Etalle and Andries Brouwer
(TU/e)
-
Content:
System security can be approached from two sides: the viewpoint of the attacker and that of the defender. For a defender it is necessary to know what threats to defend against: there is no use installing a heavily shielded front door when intruders enter through unprotected backdoors and windows. The present course talks about security primarily from the hackers' point of view: it points out categories of weaknesses in various systems, and shows how to learn about these weaknesses and how to exploit them.
The course is divided in two parts. The first part consists of four standard lectures on system security, needed to have a general knowledge of hacking techniques. The second part consists of 8-9 weeks of hands-on course. The focus is on Web Application vulnerabilities, and the aim is learning how some attacks work in practice. There is a lab in a protected environment in which the students have to carry out a number of challenges and get hold of some secret information hidden in various computer systems by exploiting given techniques. Two invited lectures given by people from the industry (KPMG and Madison Gurkha) with wide experience in hacking and cyber-defense will complete the course.
Style: Lecture, 2 hours per week
Examination: Assignments
Materials: Lecture notes
Prerequisites:
-
Hardware and Operating Systems Security:
Erik Poll, Lejla Batina
(RU)
-
Content:
The focus of this course is on security hardware, in particular smartcards and RFID, side-channel attacks on smartcards, including DPA (Differential Power Analysis) and fault injection, and sample applications (EMV bank cards, e-passports, Mifare).
Students build their own smartcard application, from the design, including key management and cryptographic protocols, down to an actual implementation on hardware, and carry out practical experiments with side-channel attacks in the DPA lab.
Style: Lecture, project and lab work.
Examination:
Project assignments.
Materials:
Prerequisites:
-
Privacy Seminar:
J. H. Hoepman
(RU)
-
Content:
Privacy has always been a controversial topic. Governments and businesses want
to collect information about their citizens and customers, for their own
benefit as well as that of their clients. In surveys, people claim that they value their
privacy. In practice, people give away personal information very easily, either
because they do not receive a service otherwise, or because they are unable to
protect that information reliably. With the calls for ever increasing security,
after the events of the last few years, privacy has eroded even further, it
seems.
In this seminar we will explore the state of the art in privacy
enhancing technologies (PET), and discuss theories (technical, legal and
societal) of privacy. Topics that will be covered (depending on the
choice of the students): location privacy (road pricing, OV-chipkaart),
RFID privacy, identity management, electronic voting, smart
metering/smart grids, social networks, searching.
Style: seminar
Examination: Presentation in class, writing a student paper, and refereeing a
student paper.
Materials:
A selection of scientific papers.
Prerequisites:
Cryptography I
-
Law in Cyberspace:
Mireille Hildebrandt
(RU)
-
Content:
What does law have to do with computer science experts? What is the difference between law, morality and politics? How do computational technologies change the playing field of traditional written law? What law applies to the sharing of personal data with a company established in the US, e.g. Google? Which investigative techniques can be employed lawfully by justice authorities and how can citizens contest violations of privacy or due process? What legal protection is offered by EU data protection legislation and how does the European legal framework differ from that of the US? This course aims to provide computer and information scientists with an overview of the legal domain and a reflection on the fundamental changes in the legal system due to the emerging computational infrastructure. For further information see Blackboard at www.blackboard.ru.nl.
Style: Interactive Lectures
Examination:
2 individual assignments, 1 group assignment, written examination
Materials:
Legal code, case law, legal literature.
Prerequisites:
Master level.