Details

Lecture contents

The exercises are teaching the useage of and development for smartcards.
Students will need to complete the following exercices (alone and in groups):

* Usage of PKCS#11 tokens in application software
* Access to a smartcard using PC/SC and APDUs
* Integrating a PKCS#11 token or a JavaCard into an authentication software

Assessment methods

The grade will be calculated based on the projects

Teaching methods

Programming in groups

Language

English

Lecture contents

ASN.1
Smartcards
Constrained Networking
Mobile Authentication
RIOT-OS
Secure Firmware Update
Internet-of-Things (IoT-Security)
Overview Embedded C

Assessment methods

Intermediate tests, distance/remote learning, final exam.

Teaching methods

Lectures and remote/distance learning
English slides

Language

English

Lecture contents

- Independent work on a topic from the area of Computer Science, primarily based on the technical topics of the elective modules in the 4th and 5th semesters at a scientific level under the guidance of a supervisor.
- Elaboration of the bachelor thesis 1

Assessment methods

Final exam
Approbation of bachelor thesis

Teaching methods

Implementation of a project and elaboration as a bachelor thesis with coaching. Students present the current development of their bachelor thesis 1 at regular intervals and put it up for discussion.

Language

German

Lecture contents

- Independent work on a relevant subject based on the technical topics of the elective modules and possibly the Bachelor thesis 1 at a scientific level under the guidance of a supervisor.
- Elaboration of the bachelor thesis 2

Assessment methods

Final exam
Approval of the bachelor thesis

Teaching methods

Carrying out a practical work and elaboration as a bachelor thesis with coaching. Students present the current development of their bachelor thesis 2 at regular intervals and put it up for discussion.

Language

German

Lecture contents

- Independent work on a topic from the area of Computer Science, primarily based on the technical topics of the elective modules in the 4th and 5th semesters at a scientific level under the guidance of a supervisor.
- Elaboration of the bachelor thesis 1

Assessment methods

Final exam
Approbation of bachelor thesis

Teaching methods

Implementation of a project and elaboration as a bachelor thesis with coaching. Students present the current development of their bachelor thesis 1 at regular intervals and put it up for discussion.

Language

German

Language

German

Lecture contents

Based on the lecture "Secure Software Development" and the corresponding exercise from the first semester, measures and techniques along the life cycle of an application are discussed in order to detect or avoid security vulnerabilities in design, implementation, deployment, upgrade or maintenance of an application or in the underlying system. In addition, the course deals with security aspects at runtime of applications as well as aspects of DevOps or DevSecOps (Development, Security and Operations). These techniques will be further deepened by means of practical exercises. In particular, the following technologies will be considered:
- Virtualization (e.g. KVM, Proxmox VE)
- Container technologies (system vs. application containers)
- LXC, Docker, and related tools
- Security Automation, Infrastructure as Code (e.g. Ansible)
- Continuous Integration/Continuous Deployment (CI/CD)
- Fuzzing
- CIS benchmarks

Assessment methods

Continuous assessment

Teaching methods

ILV

Language

German

Lecture contents

- Technical basics of identity management
- Single sign-on systems, Shibboleth, Kerberos
- OAuth, OpenID Connect, SAML; FIDO, U2F
- Practical project
- Cloud paradigms (IAAS, PAAS, SAAS)
- Security in the Cloud (Searchable/Homomorphic Encryption)

Assessment methods

Final exam
written test

Teaching methods

Lecture
Distance learning
Practical work in small group

Language

German

Lecture contents

In this course, we will examine computer security from the perspective of an attacker. In lab exercises, the attacks demonstrated in the lecture will be tried independently to gain a deeper understanding of how attackers work. This trains the critical perspective for computer security in operation and design. This lecture is part one of the Cyber Security/Cyber Crime Defense lecture series.
TCP/IP, UDP & IP Spoofing, ARP Poisoning, DNS, Traffic Amplification Attacks, Web Applications, OWASP Top10, XSS, SQL Injections, Java Security, Buffer Overflows.

Assessment methods

Final exam
5 practical challenges (of which you need to solve 3) and a written exam.

Teaching methods

The integrated course uses individual lecture blocks and an online platform where students solve exercise examples. The exercise examples are, for example, exploiting vulnerabilities in Linux and Windows, buffer overflows or modifying a mobile app.

Language

German-English