Security Models in Information Systems
Lecturers: A. Univ.-Prof. Dr. Josef Küng, Dr. Erik Sonnleitner
Registration via KUSSS.
Appropriate implementation of security in Information Systems must ensure the interest of the user and other affected persons in terms of Availability, Confidentiality, Anonymity and Integrity. Therefor Access- Data Flow and Inference-Control are crucial. Goal of the lecture is to communicate models, concepts and architectures that support such an appropriate implementation of security in Information Systems.
The lecture starts with Architecture of Information Systems with a focus on security relevant parts. Secondly, the most important models and concepts for security in Information Systems are presented. Then techniques for hardening database systems and information systems are introduced. Additionally data anonymity and watermarking in databases will be touched.
Students have to fulfil a small particular task in the area of security in information systems and present the results. Homework can be done in groups up to 3 persons.
The presentation should take 15-20 minutes. Presentation material (e.g. slides, screen dumps, … ) has to be sent to the lecturer via e-mail by the day before the presentation . The presentation can be done in German as well.
It is a written examination and will take 60 minutes. Students have to bring their own blank paper.
No documents (like course documents, books, personal notes, etc.) or any other external information are permitted.
Questions will be formulated in German and English and can be answered in one of these two languages.
Since there have been no slides uploaded for chapter ‘Authentication’, this chapter will not be used in the examination. Only the documents, which are available in KUSSS since the last lecture (June 2) are subject of the examination.