Information on individual educational components (ECTS-Course descriptions) per semester

  
Degree programme: Bachelor Computer Science - Software and Information Engineering
Type of degree: FH Bachelor's Degree Programme
Full-time
Winter Semester 2023
  

Course unit title: Systems Management and IT-Security
Course unit code: 024717030501
Language of instruction: German
Type of course unit (compulsory, optional): Compulsory
Semester when the course unit is delivered: Winter Semester 2023
Teaching hours per week: 4
Year of study: 2023
Level of course unit (e.g. first, second or third cycle): First Cycle (Bachelor)
Number of ECTS credits allocated: 5
Name of lecturer(s): Armin SIMMA


Prerequisites and co-requisites

Basic knowledge of working on the Unix or Linux command line: the most important commands for navigating the directory tree; copying, deleting, etc. of files; user management. Basic knowledge of dealing with networks: configuring the network interface; basic knowledge of configuring network devices (routers, switches) using the console. The students understand the concepts of structured and object-oriented programming. They have mastered a structured programming language (e.g. C). They can use a compiler on the command line and know its main options. The students already know concepts and models related to computer networks (e.g. the layer model) and the most important network protocols (e.g. HTTP, TCP, IP, DNS). They can also capture and analyze network traffic (e.g. using Wireshark).

Course content

Lecture:

  • Goals and processes of IT system management: availability; reliability; robustness; resilience; scalability; performance; safety
  • Active Directory concepts
  • Group policies
  • User rights and rights management (access control)
  • Distribution of software
  • Update / upgrade / patch management
  • Backup concepts
  • Storage networks; RAID
  • Libraries: static versus shared libraries
  • Creation; construction; use

Applied cryptology:

  • Cryptological methods: symmetrical versus asymmetrical encryption
  • Secure hashes
  • Digital signatures, certificates and PKI
  • MAC (message authentication code)
  • Which procedure is used where (security goal / application)?
  • Cryptological / security protocols: SSL / TLS, IPsec


Exercise:

  • Setting up an IT system for a small company: Installation and configuration of the server systems (Active Directory etc.)
  • User administration
  • Distributed authentication in heterogeneous systems
  • Authorization / Access Control
  • Web, file services
  • Deployment of an application to the workstation
  • Analysis and improvement of the security of the overall system
  • Installation of software under Linux (package management and source packages). Interpretation of possible error messages. Acquire problem-solving skills for this: Building libraries; Configuration of libraries; Versioning in libraries

Exercises on cryptology:

  • Classic cryptology
  • Cryptanalysis: linguistic frequencies
  • Block cipher modes (ECB, CBC)
  • Pitfalls when using XOR
  • Certificate management
  • SSL / TLS

Learning outcomes

  • The students know and understand the most important goals and processes of IT system management: availability; reliability; robustness; resilience; scalability; performance; safety.
  • Students know and understand models, concepts and tools to make the operation and management of software, information and IT systems secure.
  • Students can use various organizational approaches and models to implement security as a holistic goal in a company and/or system.
  • Students can independently perform server configuration tasks: They can configure a simple Windows domain controller. They understand the concepts of Active Directory and can apply them. Using the operating system's built-in tools or additional software from the systems management area, they can carry out a wide variety of system tasks (e.g. user profiles; software deployment).
  • Students know how Linux libraries are structured and can create and use libraries independently. They can use package installation tools on Linux.
  • Students know and understand concepts related to cryptology (e.g. Kerckhoffs's principle). They understand the basics of cryptographic methods (e.g. symmetrical and asymmetrical cryptology, hashing). They are familiar with widely used encryption methods (e.g. AES, RSA). They are familiar with widely used security protocols (e.g. SSL, IPsec). They understand digital signatures and certificates. They understand the security goals (CIA and advanced goals). For all the procedures and protocols mentioned, they know for which purpose or security goal each can be used, and vice versa.

Planned learning activities and teaching methods

  • Integrated lecture and accompanying seminar with exercises/labs
  • Lab exercises using virtual machines

Assessment methods and criteria

Continuous evaluation of the seminar/labs: 40%; written examination at the end: 60%.

For a positive grade, a minimum of 50% of the possible points must be achieved in each part of the examination.

Comment

Not applicable

Recommended or required reading

Allen, Julia H. (2008): Software Security Engineering: A Guide for Project Managers. 1st ed. Upper Saddle River, NJ: Addison-Wesley Professional.
Anderson, Ross J. (2008): Security Engineering: A Guide to Building Dependable Distributed Systems. 2nd ed. Tokyo, New York: Wiley.
Burgess, Mark S. (2004): Principles of Network and System Administration. 2nd ed. John Wiley & Sons.
Limoncelli, Thomas A.; Hogan, Christina J.; Chalup, Strata R. (2016): The Practice of System and Network Administration Volume 1: DevOps and other Best Practices for Enterprise IT. 3rd ed. Boston: Addison Wesley.
McGraw, Gary R. (2006): Software Security: Building Security In. Annotated ed. Upper Saddle River, NJ: Addison Wesley.
Paulus, Sachar (2011): Basiswissen Sichere Software: Aus- und Weiterbildung zum ISSECO Certified Professional for Secure Software Engineering. 1st ed. Heidelberg: dpunkt.verlag.
Pröhl, Mark (2011): Kerberos: Single Sign-on in gemischten Linux/Windows-Umgebungen. 1st ed. Heidelberg: dpunkt.verlag GmbH.
Schiesser, Rich (2010): IT Systems Management. 2nd ed. Upper Saddle River, NJ: Prentice Hall.
Schumacher, Markus et al. (2005): Security Patterns: Integrating Security and Systems Engineering. 1st ed. Chichester, England; Hoboken, NJ: Wiley.
Seacord, Robert C. (2013): Secure Coding in C and C++. 2nd ed. Upper Saddle River, NJ: Addison-Wesley Professional.

Mode of delivery (face-to-face, distance learning)

Classroom teaching plus seminar labs. Attendance is mandatory in the seminar.
