Chaque module vaut 3 ECTS. Vous sélectionnez 10 modules/30 ECTS parmi les catégories suivantes:
- 12-15 crédits ECTS en Modules technico-scientifiques (TSM)
Les modules TSM vous transmettent une compétence technique spécifique à votre orientation et complètent les modules de spécialisation décentralisés. - 9-12 crédits ECTS en Bases théoriques élargies (FTP)
Les modules FTP traitent de bases théoriques telles que les mathématiques élevées, la physique, la théorie de l’information, la chimie, etc., vous permettant d’étendre votre profondeur scientifique abstraite et de contribuer à créer le lien important entre l’abstraction et l’application dans le domaine de l’innovation. - 6-9 crédits ECTS en Modules contextuels (CM)
Les modules CM vous transmettent des compétences supplémentaires dans des domaines tels que la gestion des technologies, la gestion d’entreprise, la communication, la gestion de projets, le droit des brevets et des contrats, etc.
Le descriptif de module (download pdf) contient le détail des langues pour chaque module selon les catégories suivantes:
- leçons
- documentation
- examen
This module teaches two aspects of IT security. The first part deals with secure software, focusing on developing secure software and exploiting defects in software. The second part deals with several advanced security technologies, which includes authentication, access control, network security devices, and operating system security.
Compétences préalables
This module assumes that students have a working knowledge of basic security technologies such as cryptology, secure communication protocols, and access control mechanisms (which amounts to approx. a 4 ECTS bachelor module). See e.g.: William Stallings, Network Security Essentials: Applications and Standards. We also assume that students have a working knowledge in a general purpose programming language such as Java, C, or similar and are familiar with modern software development processes.
Objectifs d'apprentissage
- The students know and understand the secure development lifecycle and are capable of developing secure software.
- The students can analyze software with respect to security and can exploit vulnerabilities.
- The students can employ threat modeling to identify threats and use this to define security requirements.
- The students know and understand advanced authentication and access control methods including identity federations.
- The students understand the underlying principles of application layer firewalls and intrusion detection/prevention systems.
- The students are able to apply the current network access control standards to establish trust in client platforms.
Contenu des modules
The module consists of 2 main topics, Software Security and Security Technologies. Each covers 6-8 weeks.
- Main topic 1: Software Security. The skills taught here are applicable to any software project and therefore include web applications, web services, and mobile applications.
- Introduction to software security (motivation, secure development lifecycle)
- Finding and exploiting vulnerabilities in software (e.g. web applications) by combining manual methods and tools
- Developing secure software (e.g. web applications and web services)
- Security requirements engineering and threat modeling
- Main topic 2: Security Technologies. The skills taught here are applicable to a wide range of scenarios, and include Internet and operating system security.
- Advanced access control and authentication methods and federated identities
- Application level firewalls and intrusion detection/prevention systems
- Internet security, e.g., network access control
- Operating system security and trusted platforms
Méthodes d'enseignement et d'apprentissage
- Lecture: Ex cathedra teaching
- Exercises/self-study: reading texts about security topics, some self-study, mainly about web application development frameworks; practical exercises (computer-based); theoretical exercises
Bibliographie
Lecture slides, references to Internet sources and textbooks
Télécharger le descriptif complet
Retour