Master's Degree Program

IT-Security

part-time

The intertwinement of telecommunications, mobile communications and data networks is turning IT security into an explosive topic and a key risk factor in today's businesses. Services such as e-commerce, e-government or digital media and their copyright protection severely stress data, network and transmission security. In the Master's degree program you will be specializing in aspects of technical security and the "human risk factor"

Department
Engineering
Topic
Technologies

Highlights

  • Holistic view of software, hardware, people

  • Current topics like cyber security and cyber defense and additional certifications in demand in the industry

  • Know-how transfer from FH's own competence center for IT security

     

    Facts

    Final degree

    Master of Science in Engineering (MSc)

    Duration of course
    4 Semesters
    Organisational form
    part-time

    Tuition fee per semester

    € 363,361

    + ÖH premium + contribution2

    ECTS
    120 ECTS
    Language of instruction
    German

    Application Winter semester 2024/25

    02. October 2023 - 15. July 2024

    Study places

    25

    1 Tuition fees for students from third countries € 727,- per semester

    2 for additional study expenses (currently up to € 83,- depending on degree program and year)

    The duration of studies can also be extended to 6-8 semesters within the framework of a partial study programme with a correspondingly reduced ECTS workload.

    Before the studies

    Data protection and system security are your top priority. You have the ability to identify potentially weak points in systems and networks. This motivates you to find suitable measures to prevent manipulation and to block unauthorized access. New technologies arouse your interest - yet always with guaranteed security standards in mind. Your are familiar with encryption methods and you would like, in your Master's degree program, to delve deeper into cryptography as a field for research and application.

    Why you should study with us

    Participate in interdisciplinary student or research projects

    This way, fun and experience are guaranteed!

    Practical training on campus

    Modern laboratory equipment and high-tech research facilities enable practice-oriented teaching.

    Unique job opportunities


    Obtain additional certificates while still studying and increase your market value.

    Do you still have questions about the study?

    Make an appointment with Manuel Koschuch manuel.koschuch@fh-campuswien.ac.at for a a personal consultation via Zoom.

    • A Bachelor degree or diploma certificate from an institute of higher education with a total of 180 ECTS credits with at least 42 ECTS credits in the relevant subjects of information technology, software engineering and network engineering. In exceptional cases, the University Council will make a joint decision with the Program Director.
    • Equivalent certification from abroad
      • Equivalence is determined by international agreements, validation or in individual cases a decision by the head of the academic section.
    • The admission requirements are satisfied with successful graduation from the Computer Science and Digital Communications, Information Technologies and Telecommunication (discontinued) and Applied Electronics Bachelor degree programs offered at FH Campus Wien.

    To apply you will require the following documents:

    • Birth certificate
    • Proof of citizenship
    • A Bachelor degree or diploma certificate/equivalent certification from abroad and CV in table form.

    Please note:
    It is not possible to save incomplete online applications. You must complete your application in one session. Your application will be valid as soon as you upload all of the required documents and certificates. In the event that some documents (e.g. references) are not available at the time you apply, you may submit these later via e-mail, mail or in person by no later than the start of the admission process.

    The admission procedure checks the applicants' professional suitability for the Master's programme. It consists of a written test lasting approximately one hour and a subsequent interview with the admissions committee. You will receive the date for the admission procedure from the secretary's office. The admission interview usually takes place at the FH Campus Vienna.

    • Goal
      The goal is to offer a study place to those persons who complete the admission procedure with the best results.
    • Criteria
      The admission criteria are exclusively performance-based. You will receive points for the interview, after which the ranking of the candidates will be determined. Geographical assignments of the applicants have no influence on the admission. The admission requirements must be met. The entire process as well as the evaluations of the admission procedure are documented and archived in a comprehensible manner.

    During the studies

    IT security is a highly agile field. Attacks on servers and networks are getting increasingly sophisticated. Our state-of-the-art network laboratory where you may refine your strategies for preventing unauthorized access and develop measures and scenarios for protection is at your disposal. You will have the opportunity of participating in research and development (R&D) projects, engaging in active exchange between science and practice at the university. The degree program also includes an own "IT security competence team", working in close cooperation with companies. The research focuses on the transmission of data, safe from manipulation or eavesdropping.

    The number of mobile end devices will continue to increase and thereby also the demands made on data security for these tiny devices with their weak computing power. Sensor nodes which, albeit very versatile, are also small and have limited computing capacity and very little storage space are another example. Contrasting with these, we have the Cloud with its seemingly infinite computing and storage resources. The IT Security Master's degree program addresses both these developments in its research program.

    The course experts implement, evaluate and compare a diversity of cryptographic algorithms in the affiliated Competence Center for IT Security.

    The goal is to establish easily realizable secure data encryption options in practice. Findings are directly incorporated into the degree program to assuring you, the Master's student, of a decisive advantage of knowledge. The specialist know-how of our lecturers is also in high demand internationally. Experts of the IT Security Competence Center are often asked to participate as speakers at international conferences on data security and data protection. Papers published by the IT experts often receive awards such as the FH Best Paper Award, repeatedly awarded to FH Campus Wien.

    The Master's degree program will impart to you the know-how enabling you to make overall system security assessments. To achieve this goal, you will combine your technical knowledge of information technology, data systems and communication networks with the focus on IT security. You will also acquire skills in personal development and business administration.

    • You have in-depth knowledge on the levels of software, networks, systems and security. The technical focus is on secure software design, cryptography, data protection, IT architecture and secure network engineering.
    • You will expand your social and management skills in terms of communication style, leadership and management know-how. Knowledge of business administration and the legal framework of data security will round out your education.

    Curriculum

    Module Applied network security
    2 SWS
    4 ECTS
    Network Defense Technologies | ILV

    Network Defense Technologies | ILV

    2 SWS   4 ECTS

    Content

    • Threat overview
    • Firewalls (stateless/stateful)
    • Intrusion detection and prevention
    • Overview of SSL and TLS as well as VPN technologies (L2TP, PPTP, MPLS, IPsec)
    • Practical lab exercises in the VPN environment

    Teaching method

    • Lecture with slides and beamer, additional explanations on whiteboard
    • Lectures by external company experts
    • Laboratory exercises

    Examination

    Final exam: Final written exam

    Literature

    Bücher:

    • Lipp, Manfred: VPN - Virtuelle Private Netzwerke, Addison-Wesley, 1. Auflage, 2007
    • Fritsch, Jörg; Gundel, Steffen: Firewalls im Unternehmenseinsatz, dpunkt-Verlag, 2., überarbeitete und aktualisierte Auflage, 2005

    Teaching language

    Deutsch

    2 SWS
    4 ECTS
    Module Cryptographic basics
    5 SWS
    8 ECTS
    Introduction to Cryptography | VO

    Introduction to Cryptography | VO

    2 SWS   3 ECTS

    Content

    The lecture covers basic concepts of cryptography, methods of classical cryptography, symmetric and asymmetric cryptography as well as basic concepts of data security.
    In addition to basic procedures for the encryption and decryption of data, digital signatures and other basic mechanisms as well as cryptographic protocols and their respective areas of application are considered. In addition, modern procedures such as elliptic curves are also considered in an overview. The associated key management and an overarching security infrastructure are also taken into account. Practical application examples are used for a better understanding and illustration of the functionality.

    Teaching method

    Lecture

    Examination

    Final exam

    Literature

    Bücher:

    • Beutelspacher, Albrecht: Kryptologie, Vieweg Verlag, 8., aktualisierte Auflage, Juli 2007
    • Beutelspacher, Schwenk, Wolfenstetter: Moderne Verfahren der Kryptographie, Vieweg Verlag, 6., verbesserte Auflage, Januar 2006
    • Buchmann, Johannes: Einführung in die Kryptographie, Springer Verlag, Berlin, September 2003
    • Menezes, Alfred J., et al.: Handbook of Applied Cryptography
    • Schneier, Bruce: Angewandte Kryptographie. Protokolle, Algorithmen und Sourcecode in C, Pearson-Studium, Dezember 2005
    • Schneier, Bruce: Secrets and Lies, Wiley and Sons, Januar 2004
    • Singh, Simon: Geheime Botschaften, Dtv, Dezember 2001
    • Schwenk, Jörg: Sicherheit und Kryptographie im Internet, Vieweg Verlag, August 2005
    • Wätjen, Dietmar: Kryptographie – Grundlagen, Algorithmen, Protokolle. Spektrum Verlag, 2. Auflage, Heidelberg, 2008
    • Werner, Annette: Elliptische Kurven in der Kryptographie, Springer Verlag Berlin Heidelberg, 2002

    Teaching language

    Deutsch

    2 SWS
    3 ECTS
    Introduction to the cryptography | UE

    Introduction to the cryptography | UE

    1 SWS   2 ECTS

    Content

    The exercise accompanies and deepens the contents of the lectures by means of computational problems to be solved independently by the students as well as the implementation of small cryptographic tasks in C and Java.

    Teaching method

    Exercise

    Examination

    Continuous assessment

    Literature

    Bücher:

    • Beutelspacher, Albrecht: Kryptologie, Vieweg Verlag, 8., aktualisierte Auflage, Juli 2007
    • Beutelspacher, Schwenk, Wolfenstetter: Moderne Verfahren der Kryptographie, Vieweg Verlag, 6., verbesserte Auflage, Januar 2006
    • Buchmann, Johannes: Einführung in die Kryptographie, Springer Verlag, Berlin, September 2003
    • Menezes, Alfred J., et al.: Handbook of Applied Cryptography
    • Schneier, Bruce: Angewandte Kryptographie. Protokolle, Algorithmen und Sourcecode in C, Pearson-Studium, Dezember 2005
    • Schneier, Bruce: Secrets and Lies, Wiley and Sons, Januar 2004
    • Singh, Simon: Geheime Botschaften, Dtv, Dezember 2001
    • Schwenk, Jörg: Sicherheit und Kryptographie im Internet, Vieweg Verlag, August 2005
    • Wätjen, Dietmar: Kryptographie – Grundlagen, Algorithmen, Protokolle. Spektrum Verlag, 2. Auflage, Heidelberg, 2008
    • Werner, Annette: Elliptische Kurven in der Kryptographie, Springer Verlag Berlin Heidelberg, 2002

    Teaching language

    Deutsch

    1 SWS
    2 ECTS
    Cryptographic methods for IT | ILV

    Cryptographic methods for IT | ILV

    2 SWS   3 ECTS

    Content

    In a bottom-up approach, the individual components of a computer system and, subsequently, of a network are examined, and starting points for possible attacks are presented at each level. Cryptographic options for counteracting these attacks are then discussed. This covers side-channel attacks on the silicon level, TPM and BIOS encryption, network authentication mechanisms and a brief introduction to security in the cloud environment.

    Teaching method

    ILV

    Examination

    Final exam

    Literature

    Bücher:

    • Beutelspacher, Albrecht: Kryptologie, Vieweg Verlag, 8., aktualisierte Auflage, Juli 2007
    • Beutelspacher, Schwenk, Wolfenstetter: Moderne Verfahren der Kryptographie, Vieweg Verlag, 6., verbesserte Auflage, Januar 2006
    • Buchmann, Johannes: Einführung in die Kryptographie, Springer Verlag, Berlin, September 2003
    • Menezes, Alfred J., et al.: Handbook of Applied Cryptography
    • Schneier, Bruce: Angewandte Kryptographie. Protokolle, Algorithmen und Sourcecode in C, Pearson-Studium, Dezember 2005
    • Schneier, Bruce: Secrets and Lies, Wiley and Sons, Januar 2004
    • Singh, Simon: Geheime Botschaften, Dtv, Dezember 2001
    • Schwenk, Jörg: Sicherheit und Kryptographie im Internet, Vieweg Verlag, August 2005
    • Wätjen, Dietmar: Kryptographie – Grundlagen, Algorithmen, Protokolle. Spektrum Verlag, 2. Auflage, Heidelberg, 2008
    • Werner, Annette: Elliptische Kurven in der Kryptographie, Springer Verlag Berlin Heidelberg, 2002

    Teaching language

    Deutsch

    2 SWS
    3 ECTS
    Module Networked Systems
    4 SWS
    8 ECTS
    Distributed Systems Dependability | ILV

    Distributed Systems Dependability | ILV

    2 SWS   4 ECTS

    Content

    • Dependability and Fault Tolerance
    • Synchronization and Agreement
    • Redundancy and Replication
    • Transaction Control
    • Group Membership and Failure Detection
    • Group Communication
    • Practical Project

    Teaching method

    ILV

    Examination

    Final exam

    Literature

    Bücher:

    • Andrew S. Tanenbaum and Maarten van Steen. Distributed Systems: Principles and Paradigms, Prentice-Hall, 2006.

    Teaching language

    Deutsch

    2 SWS
    4 ECTS
    Wireless Network Security | ILV

    Wireless Network Security | ILV

    2 SWS   4 ECTS

    Content

    • Basics of RF transmission (antennas, radio field)
    • Security aspects of wireless network technologies (shared medium vs. wire, attack methods, mobile devices)
    • Wireless network technologies and their security mechanisms
      • Wireless LAN (802.11)
      • Bluetooth
      • ZigBee
      • GSM/UMTS/LTE
    • Practical examples of attacks and system setups

    Teaching method

    ILV

    Examination

    Final exam: Final examination and accompanying exercises

    Literature

    Bücher:

    • Andrew S. Tanenbaum and Maarten van Steen. Distributed Systems: Principles and Paradigms, Prentice-Hall, 2006.

    Teaching language

    Deutsch

    2 SWS
    4 ECTS
    Module Self- and corporate organization
    3 SWS
    4 ECTS
    Information Management | VO

    Information Management | VO

    1 SWS   2 ECTS

    Content

    Definition of information management
    Levels of information management
    Information architecture and information infrastructure
    Information needs analysis
    Data management
    Knowledge management

    Teaching method

    Lecture

    Examination

    Final exam: The exam will be conducted in the form of an “open book exam” at the end of the course. The knowledge acquired during the course needs to be applied to a specific case. Depending on the situation at the date of the exam, it will be held in the form of a presence or in the form of an online exam.

    Literature

    Bücher:

    • Daniel Goleman: Soziale Kompetenz; Wer auf andere zugehen kann, hat mehr vom Leben. Droemer, 2006
    • Friedemann Schulz von Thun: Miteinander reden:3. rororo, 2013
    • Nikolaus B. Enkelmann: Rhetorik Klassik, Die Kunst zu überzeugen. Gabal, 1999
    • Sandel, M.J.: Was man für Geld nicht kaufen kann: Die moralischen Grenzen des Marktes. Ullstein eBooks, 2012
    • Rogaway, Phillip. The moral character of cryptographic work. Cryptology ePrint Archive, 2015.
    • Zweig, Katharina. Ein Algorithmus hat kein Taktgefühl: Wo künstliche Intelligenz sich irrt, warum uns das betrifft und was wir dagegen tun können. Heyne Verlag, 2019
    • Nida-Rümelin, J., Weidenfeld, N. (2018): Digitaler Humanismus. Eine Ethik für das Zeitalter der künstlichen Intelligenz. Piper: München.
    • Van den Hoven, Jeroen, et al. "Privacy and information technology." (2014).
    • Jochen Schwarze, „Informationsmanagement“, NWB Verlag 1998
    • Helmut Krcmar, „Informationsmanagement“, 5 Auflage, Springer Verlag, 2005

    Teaching language

    Deutsch

    1 SWS
    2 ECTS
    Communicative and social skills | ILV

    Communicative and social skills | ILV

    2 SWS   2 ECTS

    Content

    Basic assumptions of communication, body language, presentation techniques, social competence, effective communication strategies, rhetorical basics, application of different conversation and questioning techniques, promoting and hindering conversation behavior, self-organization, conflict management

    Teaching method

    Individual work, work in smaller and larger groups, teacher-centred information phases, 
    review-journal

    Examination

    Continuous assessment: Physical presence

    Active cooperation

    Seminar paper

    Review-Journal

    Literature

    Bücher:

    • Daniel Goleman: Soziale Kompetenz; Wer auf andere zugehen kann, hat mehr vom Leben. Droemer, 2006
    • Friedemann Schulz von Thun: Miteinander reden:3. rororo, 2013
    • Nikolaus B. Enkelmann: Rhetorik Klassik, Die Kunst zu überzeugen. Gabal, 1999
    • Sandel, M.J.: Was man für Geld nicht kaufen kann: Die moralischen Grenzen des Marktes. Ullstein eBooks, 2012
    • Rogaway, Phillip. The moral character of cryptographic work. Cryptology ePrint Archive, 2015.
    • Zweig, Katharina. Ein Algorithmus hat kein Taktgefühl: Wo künstliche Intelligenz sich irrt, warum uns das betrifft und was wir dagegen tun können. Heyne Verlag, 2019
    • Nida-Rümelin, J., Weidenfeld, N. (2018): Digitaler Humanismus. Eine Ethik für das Zeitalter der künstlichen Intelligenz. Piper: München.
    • Van den Hoven, Jeroen, et al. "Privacy and information technology." (2014).
    • Jochen Schwarze, „Informationsmanagement“, NWB Verlag 1998
    • Helmut Krcmar, „Informationsmanagement“, 5 Auflage, Springer Verlag, 2005

    Teaching language

    Deutsch

    2 SWS
    2 ECTS
    Module Secure applications
    4 SWS
    6 ECTS
    Secure software development | VO

    Secure software development | VO

    2 SWS   3 ECTS

    Content

    Historical and current vulnerabilities in software products are discussed, and approaches to solutions are discussed that help to avoid or detect these errors already in the development process. Measures to minimize the effects of errors in existing, non-modifiable software by means of suitable system configuration are also presented.

    Teaching method

    * Lessons
    * Presentations by student groups

    Examination

    Final exam: * Final exam

    * Grading of the presentations

    Literature

    Bücher:

    • Howard, Michael et al.: 24 Deadly Sins of Software Security, McGraw/Hill/Osborne, 2009
    • Hoglund, Greg and McGraw, Gary: Exploiting Software - How to break Code, Addison-Wesley, 2004
    • Meier, Michael: Intrusion detection effektiv! - Modellierung und Analyse von Angriffsmustern, Springer Verlag, 2007
    • Eckert, Claudia: IT-Sicherheit: Konzepte - Verfahren - Protokolle, Oldenbourg Verlag, 7., überarbeitete Auflage, München, 2012
    • Schadow, Dominik: Java-Web-Security: Sichere Webanwendungen mit Java entwickeln, dpunkt Verlag, 1. Auflage, Heidelberg, 2014
    • Sullivan, Bryan and Liu, Vincent: Web Application Security, A Beginner's Guide, McGraw-Hill Osborne Media Verlag, 1. Auflage, New York, 2011
    • Deimeke, Dirk et al.: Linux-Server: Das umfassende Handbuch, Rheinwerk Computing, 6., aktualisierte Auflage, Bonn, 2021

    Teaching language

    Deutsch

    2 SWS
    3 ECTS
    Safe software development | UE

    Safe software development | UE

    2 SWS   3 ECTS

    Content

    Accompanying the VO "Secure Software Development", selected topics from the field of IT security will be worked on independently and deepened.
    In particular, the following aspects are relevant - Practical implementation of more complex implementation tasks - Independent project management

    Teaching method

    Programming exercises

    Examination

    Continuous assessment: Grading of the projects, presentation of the results.

    Literature

    Bücher:

    • Howard, Michael et al.: 24 Deadly Sins of Software Security, McGraw/Hill/Osborne, 2009
    • Hoglund, Greg and McGraw, Gary: Exploiting Software - How to break Code, Addison-Wesley, 2004
    • Meier, Michael: Intrusion detection effektiv! - Modellierung und Analyse von Angriffsmustern, Springer Verlag, 2007
    • Eckert, Claudia: IT-Sicherheit: Konzepte - Verfahren - Protokolle, Oldenbourg Verlag, 7., überarbeitete Auflage, München, 2012
    • Schadow, Dominik: Java-Web-Security: Sichere Webanwendungen mit Java entwickeln, dpunkt Verlag, 1. Auflage, Heidelberg, 2014
    • Sullivan, Bryan and Liu, Vincent: Web Application Security, A Beginner's Guide, McGraw-Hill Osborne Media Verlag, 1. Auflage, New York, 2011
    • Deimeke, Dirk et al.: Linux-Server: Das umfassende Handbuch, Rheinwerk Computing, 6., aktualisierte Auflage, Bonn, 2021

    Teaching language

    Deutsch

    2 SWS
    3 ECTS

    Module Applied network security
    4 SWS
    10 ECTS
    Security Lab | UE

    Security Lab | UE

    4 SWS   10 ECTS

    Content

    Students learn how to implement IT security concepts using a specific task and are able to set up and secure a complete network environment with various security mechanisms (such as SIEMs, IDS and firewalls) at the end of the course. They learn what attacks on IT systems look like and how appropriate countermeasures work.

    Teaching method

    • Independent implementation of a project in the network lab
    • Regular review of progress

    Examination

    Continuous assessment: Practical/constructive permanent performance control and documentation

    Literature

    Relevante aktuelle Onlinequellen bzw. Referenzmanuals der Hersteller

    Teaching language

    Deutsch

    4 SWS
    10 ECTS
    Module Computer Crime
    2 SWS
    3 ECTS
    Cyber-Security | ILV

    Cyber-Security | ILV

    2 SWS   3 ECTS

    Content

    In this course, we will examine computer security from the perspective of an attacker. In lab exercises, the attacks demonstrated in the lecture will be tried independently to gain a deeper understanding of how attackers work. This trains the critical perspective for computer security in operation and design. This lecture is part one of the Cyber Security/Cyber Crime Defense lecture series.

    TCP/IP, UDP & IP Spoofing, ARP Poisoning, DNS, Traffic Amplification Attacks, Web Applications, OWASP Top10, XSS, SQL Injections, Java Security, Buffer Overflows.

    Teaching method

    The integrated course uses individual lecture blocks and an online platform where students solve exercise examples. The exercise examples are, for example, exploiting vulnerabilities in Linux and Windows, buffer overflows or modifying a mobile app.

    Examination

    Final exam: 5 practical challenges (of which you need to solve 3) and a written exam.

    Literature

    Bücher:

    • S. Garfinkel, G. Spafford, A. Schwartz: Practical Unix & Internet Security, O’Reilly, 2003
    • B. Carrier: File System Forensic Analysis, Addison-Wesley, 2005
    • B. Dang, A. Gazet, E. Bachaalany, S. Josse: Practical reverse Engineering, Wiley, 2014
    • M. Ligh: The Art of Memory Forensics, Wiley, 2014

    Online:

    • Publikationen von IEEE S&P, USENIX Security, ACM CCS, und DFRWS
    • NIST SP 800-86, RFC 3227

    Teaching language

    Deutsch-Englisch

    2 SWS
    3 ECTS
    Module Domain specific security
    3 SWS
    4 ECTS
    Cloud Security and Identity Management | ILV

    Cloud Security and Identity Management | ILV

    3 SWS   4 ECTS

    Content

    • Technical basics of identity management
    • Single sign-on systems, Shibboleth, Kerberos
    • OAuth, OpenID Connect, SAML; FIDO, U2F
    • Cloud paradigms (IAAS, PAAS, SAAS)
    • Security in the Cloud (Searchable/Homomorphic Encryption)

    Teaching method

    Lecture
    Distance learning
    Practical work in small group

    Examination

    Final exam: written test

    Literature

    Bücher:

    • Gottfried Vossen, Till Haselmann, Thomas Hoeren: Cloud Computing für Unternehmen. 1.Auflage 2012, dpunkt.Verlag, Heidelberg
    • John Roton: Cloud Computing Explained – 2013 Edition. Recursive Press, USA
    • Cloud Security Alliance: Security Guidance for Critical Areas of Focus in Cloud Computing v4.0. 2017

    Teaching language

    Deutsch

    3 SWS
    4 ECTS
    Module Cryptography in the application
    4 SWS
    6 ECTS
    Applied Cryptography | ILV

    Applied Cryptography | ILV

    2 SWS   3 ECTS

    Content

    The course tries to bridge the gap between the pure "textbook" version of cryptographic algorithms and their application in actual systems. Symmetric techniques like DES and especially AES with its most important variants are described in detail, as well as padding techniques, and selected chapters from PKCS. These topics are complemented by notes on the practical implementation of the long number arithmetic necessary for cryptographic primitives.

    Teaching method

    Presentation with slides and video projector

    Examination

    Final exam: Written elaboration of selected lecture contents

    Presentation

    Written examination

    Literature

    Bücher:

    • Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone: Handbook of Applied Cryptography, 2001
    • Bruce Schneier: Applied Cryptography, 1996
    • Darrel R. Hankerson, Scott A. Vanstone, Alfred J. Menezes: Guide to elliptic curve cryptography, 2003
    • Peter Gutmann: Engineering Security, 2014

    Teaching language

    Deutsch

    2 SWS
    3 ECTS
    Cryptographic Protocols | ILV

    Cryptographic Protocols | ILV

    2 SWS   3 ECTS

    Content

    The course provides an overview of different types of cryptographic protocols and describes their areas of application and special features. In the context of topic days, students implement selected protocols in group work and compare the results in a presentation.

    The topics in detail are
    - Public-Key Schemes
    - Key-Agreement/Key-Establishment
    - Challenge Response Schemes/Authentication
    - Signature Schemes

    Teaching method

    Independent implementation and presentation of the results in group work by the students.

    Examination

    Continuous assessment: Each theme day has the character of a partial exam, not a written final exam

    Literature

    Bücher:

    • Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone: Handbook of Applied Cryptography, 2001
    • Bruce Schneier: Applied Cryptography, 1996
    • Darrel R. Hankerson, Scott A. Vanstone, Alfred J. Menezes: Guide to elliptic curve cryptography, 2003
    • Peter Gutmann: Engineering Security, 2014

    Teaching language

    Deutsch

    2 SWS
    3 ECTS
    Module Self- and corporate organization
    2 SWS
    3 ECTS
    Ethics in IT | ILV

    Ethics in IT | ILV

    2 SWS   3 ECTS

    Content

    In this course, students will be introduced to the ethical aspects of cryptography (the relationship between security and privacy), the trading of data ("surveillance capitalism"), decisions based on algorithms, and the responsibility of programmers and scientists for algorithms.
    The course emphasizes active student participation and reflection, through case studies, group work, and students' own projects. The goal is to sensitize the students, as future programmers, to the ethical aspects of their work and to encourage their own reflection on their personal roles.

    Teaching method

    ILV

    Examination

    Continuous assessment

    Literature

    Bücher:

    • Daniel Goleman: Soziale Kompetenz; Wer auf andere zugehen kann, hat mehr vom Leben. Droemer, 2006
    • Friedemann Schulz von Thun: Miteinander reden:3. rororo, 2013
    • Nikolaus B. Enkelmann: Rhetorik Klassik, Die Kunst zu überzeugen. Gabal, 1999
    • Sandel, M.J.: Was man für Geld nicht kaufen kann: Die moralischen Grenzen des Marktes. Ullstein eBooks, 2012
    • Rogaway, Phillip. The moral character of cryptographic work. Cryptology ePrint Archive, 2015.
    • Zweig, Katharina. Ein Algorithmus hat kein Taktgefühl: Wo künstliche Intelligenz sich irrt, warum uns das betrifft und was wir dagegen tun können. Heyne Verlag, 2019
    • Nida-Rümelin, J., Weidenfeld, N. (2018): Digitaler Humanismus. Eine Ethik für das Zeitalter der künstlichen Intelligenz. Piper: München.
    • Van den Hoven, Jeroen, et al. "Privacy and information technology." (2014).
    • Jochen Schwarze, „Informationsmanagement“, NWB Verlag 1998
    • Helmut Krcmar, „Informationsmanagement“, 5 Auflage, Springer Verlag, 2005

    Teaching language

    Deutsch

    2 SWS
    3 ECTS
    Module Secure applications
    3 SWS
    4 ECTS
    Application Security | ILV

    Application Security | ILV

    3 SWS   4 ECTS

    Content

    Based on the lecture "Secure Software Development" and the corresponding exercise from the first semester, measures and techniques along the life cycle of an application are discussed in order to detect or avoid security vulnerabilities in design, implementation, deployment, upgrade or maintenance of an application or in the underlying system. In addition, the course deals with security aspects at runtime of applications as well as aspects of DevOps or DevSecOps (Development, Security and Operations). These techniques will be further deepened by means of practical exercises. In particular, the following technologies will be considered:

    • Virtualization (e.g. KVM, Proxmox VE)
    • Container technologies (system vs. application containers)
    • LXC, Docker, and related tools
    • Security Automation, Infrastructure as Code (e.g. Ansible)
    • Continuous Integration/Continuous Deployment (CI/CD)
    • Fuzzing
    • CIS benchmarks

    Teaching method

    exercises, presentations

    Examination

    Continuous assessment: Lab exercices

    Literature

    Bücher:

    • Howard, Michael et al.: 24 Deadly Sins of Software Security, McGraw/Hill/Osborne, 2009
    • Hoglund, Greg and McGraw, Gary: Exploiting Software - How to break Code, Addison-Wesley, 2004
    • Meier, Michael: Intrusion detection effektiv! - Modellierung und Analyse von Angriffsmustern, Springer Verlag, 2007
    • Eckert, Claudia: IT-Sicherheit: Konzepte - Verfahren - Protokolle, Oldenbourg Verlag, 7., überarbeitete Auflage, München, 2012
    • Schadow, Dominik: Java-Web-Security: Sichere Webanwendungen mit Java entwickeln, dpunkt Verlag, 1. Auflage, Heidelberg, 2014
    • Sullivan, Bryan and Liu, Vincent: Web Application Security, A Beginner's Guide, McGraw-Hill Osborne Media Verlag, 1. Auflage, New York, 2011
    • Deimeke, Dirk et al.: Linux-Server: Das umfassende Handbuch, Rheinwerk Computing, 6., aktualisierte Auflage, Bonn, 2021

    Teaching language

    Deutsch

    3 SWS
    4 ECTS

    Module Computer Crime
    5 SWS
    7 ECTS
    Cyber-Crime Defense | ILV

    Cyber-Crime Defense | ILV

    2 SWS   3 ECTS

    Content

    As a continuation of Cyber Security, this semester will examine an attacker's view of the Internet of Things, malware, and identity theft. Lab exercises will be used to independently try the attacks demonstrated in lecture to gain a deeper understanding of how attackers work. This trains the critical perspective for computer security in operation and design.

    Unix Security, Windows Security, OS X Security, Memory Corruption (Stack Overflows, Heap Overflow, Return-to-libc, return oriented programming), Format String Vulnerabilities, Shellcode, Race conditions, Reverse Engineering, Malware Analysis, CSRF, Hardware Security

    Teaching method

    The integrated course uses individual lecture blocks and an online platform where students solve exercise examples. The exercise examples are e.g. reverse engineering of a firmware, an ELF virus or a memory attack via Return Oriented Programming.

    Examination

    Final exam: Five practical challenges (of which you need to solve at least three) and a written exam.

    Literature

    Bücher:

    • S. Garfinkel, G. Spafford, A. Schwartz: Practical Unix & Internet Security, O’Reilly, 2003
    • B. Carrier: File System Forensic Analysis, Addison-Wesley, 2005
    • B. Dang, A. Gazet, E. Bachaalany, S. Josse: Practical reverse Engineering, Wiley, 2014
    • M. Ligh: The Art of Memory Forensics, Wiley, 2014

    Online:

    • Publikationen von IEEE S&P, USENIX Security, ACM CCS, und DFRWS
    • NIST SP 800-86, RFC 3227

    Teaching language

    Deutsch-Englisch

    2 SWS
    3 ECTS
    Digital Forensics | VO

    Digital Forensics | VO

    2 SWS   2 ECTS

    Content

    • Methods of digital forensics
      • File systems
      • Network forensics
      • Operating systems
      • Analysis of application data
      • Timeline analysis
      • Keyword Search
    • Norms and Standards / Related Documents
      • RFC 3227 "Guidelines for Evidence Collection and Archiving".
      • NIST SP 800-86 "Guide to Integrating Forensic Techniques into Incident Response".
    • Legal Framework
      • Legal basis
      • Types and roles of expert witnesses
      • Form and content of an expert report

    Hard disk image creation & analysis, file systems (esp. NTFS), memory forensics, network forensics, application data analysis, smartphones, anti-forensics, legal frameworks, best practices, ISO 3227 & NIST 800-86

    Teaching method

    The course will include different didactic teaching methods, e.g.:

    • Frontal teaching
    • Independent work in the group or in individual deliveries
    • Interactive media support
    • Computer room teaching

    Examination

    Final exam: schriftliche Prüfung

    Literature

    Bücher:

    • S. Garfinkel, G. Spafford, A. Schwartz: Practical Unix & Internet Security, O’Reilly, 2003
    • B. Carrier: File System Forensic Analysis, Addison-Wesley, 2005
    • B. Dang, A. Gazet, E. Bachaalany, S. Josse: Practical reverse Engineering, Wiley, 2014
    • M. Ligh: The Art of Memory Forensics, Wiley, 2014

    Online:

    • Publikationen von IEEE S&P, USENIX Security, ACM CCS, und DFRWS
    • NIST SP 800-86, RFC 3227

    Teaching language

    Deutsch

    2 SWS
    2 ECTS
    Digital forensics | UE

    Digital forensics | UE

    1 SWS   2 ECTS

    Content

    Application of VO Content: Acquisition and analysis of hard disk images, network analysis, smartphones and application data, cryptography & antiforensics.

    Teaching method

    Written submissions

    Examination

    Continuous assessment: Evaluation of the submitted reports

    Literature

    Bücher:

    • S. Garfinkel, G. Spafford, A. Schwartz: Practical Unix & Internet Security, O’Reilly, 2003
    • B. Carrier: File System Forensic Analysis, Addison-Wesley, 2005
    • B. Dang, A. Gazet, E. Bachaalany, S. Josse: Practical reverse Engineering, Wiley, 2014
    • M. Ligh: The Art of Memory Forensics, Wiley, 2014

    Online:

    • Publikationen von IEEE S&P, USENIX Security, ACM CCS, und DFRWS
    • NIST SP 800-86, RFC 3227

    Teaching language

    Deutsch-Englisch

    1 SWS
    2 ECTS
    Module Domain specific security
    3 SWS
    5 ECTS
    Mobile and Embedded Security | VO

    Mobile and Embedded Security | VO

    2 SWS   3 ECTS

    Content

    • ASN.1
    • Smartcards
    • Constrained Networking
    • Mobile Authentication
    • RIOT-OS
    • Secure Firmware Update
    • Internet-of-Things (IoT-Security)
    • Overview Embedded C

    Teaching method

    Lectures and remote/distance learning
    English slides

    Examination

    Final exam: Intermediate tests, distance/remote learning, final exam.

    Literature

    Bücher:

    • Gottfried Vossen, Till Haselmann, Thomas Hoeren: Cloud Computing für Unternehmen. 1.Auflage 2012, dpunkt.Verlag, Heidelberg
    • Cloud Security Alliance: Security Guidance for Critical Areas of Focus in Cloud Computing v3.0. 2011

    Teaching language

    Englisch

    2 SWS
    3 ECTS
    Mobile and Embedded Security | UE

    Mobile and Embedded Security | UE

    1 SWS   2 ECTS

    Content

    The exercises are teaching the useage of and development for smartcards.
    Students will need to complete the following exercices (alone and in groups):

    * Usage of PKCS#11 tokens in application software
    * Access to a smartcard using PC/SC and APDUs
    * Integrating a PKCS#11 token or a JavaCard into an authentication software

    Teaching method

    Programming in groups

    Examination

    Continuous assessment: The grade will be calculated based on the projects

    Literature

    Bücher:

    • Gottfried Vossen, Till Haselmann, Thomas Hoeren: Cloud Computing für Unternehmen. 1.Auflage 2012, dpunkt.Verlag, Heidelberg
    • Cloud Security Alliance: Security Guidance for Critical Areas of Focus in Cloud Computing v3.0. 2011

    Teaching language

    Deutsch

    1 SWS
    2 ECTS
    Module Interdisciplinary project
    4 SWS
    9 ECTS
    Interdisciplinary Project | UE

    Interdisciplinary Project | UE

    4 SWS   9 ECTS

    Content

    Summary of the essential aspects of project management, process management and system safety, as well as their concrete application in practical examples. Clarification of the distinction between safety and security, as well as the interfaces between the two areas. Discussion of the experiences gained by the students and reflection on the findings.

    Teaching method

    Implementation and presentation of a hands-on project in small groups.

    Examination

    Continuous assessment: ILV, assessment of submissions and presentations.

    Literature

    Bücher:

    • Gareis, R.: Projektmanagement im Maschinen- und Anlagenbau, Manz 1991
    • Lange, D. (Hrsg): Management von Projekten: Knowhow aus der Beraterpraxis, Verlag Schäffer - Poeschel, Stuttgart 1995
    • Ericson, Clifton A.: Hazard Analysis Techniques for System Safety, Verlag John Wiley & Sons, Inc., Hoboken 2005

    Teaching language

    Deutsch

    4 SWS
    9 ECTS
    Module Master thesis
    2 SWS
    3 ECTS
    Scientific Work | SE

    Scientific Work | SE

    2 SWS   3 ECTS

    Content

    A well-founded academic education also includes the ability to consider and deal with a wide variety of problems scientifically. This course therefore provides an introduction to scientific work and scientific methodology.

    The course focuses on reading, understanding and interpreting relevant scientific texts as well as literature research and the formal methods of scientific work. Furthermore, the students independently write a short scientific paper on an exemplary topic and present and defend it in plenary.

    Teaching method

    In the course of the course, the procedure of a scientific conference is simulated. After a general introduction to scientific work, the students are to work independently on a problem in a chosen subject area. After writing a short disposition, a scientific article is to be written based on this (draft paper). The resulting articles are then distributed to colleagues who are to critically examine and evaluate them (peer reviews). Afterwards, an improved, final version of the article is to be written (camera-ready paper), taking into account the reviews received. At the end of this course, the written scientific papers will be presented to the other course participants in lectures.

    Examination

    Final exam

    Literature

    Bücher:

    • M. Karmasin, R. Ribing: Die Gestaltung wissenschaftlicher Arbeiten. Ein Leitfaden für Haus-, Seminar- und Diplomarbeiten sowie Dissertationen. Wiener Universitäts Verlag, 1.Auflage, 1999
    • Umberto Eco: Wie man eine wissenschaftliche Arbeit schreibt, C.F. Müller, 13.Auflage, 2005
    • Kornmeir Martin: Wissenschaftlich schreiben leicht gemacht, 4th ed. Bern Haupt-UTB, 2011
    • Karl M. Goeschka: Merkblatt für den Aufbau wissenschaftlicher Arbeiten. i4c.at/goeschka/Merkblatt.pdf , 2006

    Teaching language

    Deutsch

    2 SWS
    3 ECTS
    Module Organisational Security
    2 SWS
    3 ECTS
    Security Management | ILV

    Security Management | ILV

    2 SWS   3 ECTS

    Content

    • IT Security Management and Risk Assessment
    • IT Security Controls, Plans, and Procedures
    • Physical and Human Resources Security
    • Access Control Management
    • Security Compliance / Audit

    Security Management & IT Governance, ISO 27001:2013, Internal Control System for IT, ISMS Set-up, Risk Management & Business Continuity Management, Policy and Guideline Design, System Development Life Cycle, Access Control, Physical and environmental security, COBIT, Basic Protection Manual

    Teaching method

    Lecture, individual processing of a case study, group work incl. presentation of the result.

    Examination

    Continuous assessment: 1/3: Personal case studies

    1/3: Group work incl. presentation

    1/3: Classroom Quizzes

    Literature

    Bücher:

    • Ortwin Renn (2008): Risk Governance. Taylor & Francis
    • Ortwin Renn (2014): Das Risikoparadox: Warum wir uns vor dem Falschen fürchten. Fischer
    • Gerd Gigerenzer (2009): Das Einmaleins der Skepsis: Über den richtigen Umgang mit Zahlen und Risiken. Berlin Verlag Taschenbuch
    • Gerd Gigerenzer (2013): Risiko: Wie man die richtigen Entscheidungen trifft. C. Bertelsmann Verlag
    • Daniel Kahnemann (2013): Schnelles Denken, langsames Denken. Siedler Verlag
    • M. Whitman, H. Mattord: Management of Information Security, Course Technology, 2013
    • S. Harris: All in one CISSP Exam Guide, McGraw-Hill, 2013
    • M. Helisch, D. Pokoyski: Security Awareness, Vieweg+Teubner, 2009

    Darüber hinaus steht eine umfangreiche Artikelliste zu neurophysiologischen, psychologischen und sozialpsychologischen Themen zur Verfügung, die für die konkrete Aufgabengestaltung genutzt werden kann.

    Online:

    • S. Brands, U-Prove technology overview
    • Beresford & Stajano, Location Privacy in Pervasive computing, IEEE pervasive Computing 2003
    • Project PRIME, www.prime-project.eu
    • Project PRECIOSA (Vehicular privacy) preciosa-project.org
    • www.epic.org

    Teaching language

    Deutsch-Englisch

    2 SWS
    3 ECTS
    Module Legal aspects of IT security
    2 SWS
    3 ECTS
    Economic Crime | SE

    Economic Crime | SE

    2 SWS   3 ECTS

    Content

    Forms of white-collar crime, social engineering, values and needs in the work environment, change processes and their effects, analysis of fraud events, crime prevention in the company, emergency strategy and investigation process, examples of criminal cases and their processing, trends and development of white-collar crime.

    Teaching method

    Seminar

    Examination

    Continuous assessment

    Literature

    Bücher:

    • Roger Odenthal: Korruption und Mitarbeiterkriminalität. Gabler, 2009
    • Wolfgang Hetzer: Geldwäsche zwischen Kriminalität, Wirtschaft und Politik. Europäische Verlagsanstalt, 2003
    • Christopher Hadnagy: Die Kunst des Human Hacking, Social Engineering. mitp, 2011.
    • Kevin D. Mitnick & William L. Simon: Die Kunst der Täuschung, Risikofaktor Mensch. mitp, 2002-2006
    • Michael Sonntag: „Einführung in das Internetrecht“, Rechtsgrundlagen für Informatiker, Linde Verlag, Wien 2010.
    • Straube/Fina (Hrsg): „E-Commerce- und Internetrecht“, Rechtstextsammlung, 5. Auflage, Stand 1.1.2010
    • Hans Zeger: „Datenschutz Grundlagen inkl. DSG Novelle 2010“, Datenschutzseminar, Wien 2010
    • Christoph Brenn: „Signaturgesetz und Signaturverordnung“, Aufsatz zur Vorlesung SS 2008, Wien, 2008
    • Verschiedene Urteile des VwGh, OGH und EuGh

    Teaching language

    Deutsch

    2 SWS
    3 ECTS

    Module Master thesis
    2 SWS
    22 ECTS
    Master thesis | VO

    Master thesis | VO

    0 SWS   20 ECTS

    Content

    Independent work on a relevant subject at a scientific level under the guidance of a supervisor, preparation of the master's thesis.

    Teaching method

    Independent scientific work under the guidance of a supervisor

    Examination

    Final exam: Approval of the master thesis

    Literature

    Bücher:

    • M. Karmasin, R. Ribing: Die Gestaltung wissenschaftlicher Arbeiten. Ein Leitfaden für Haus-, Seminar- und Diplomarbeiten sowie Dissertationen. Wiener Universitäts Verlag, 1.Auflage, 1999
    • Umberto Eco: Wie man eine wissenschaftliche Arbeit schreibt, C.F. Müller, 13.Auflage, 2005
    • Kornmeir Martin: Wissenschaftlich schreiben leicht gemacht, 4th ed. Bern Haupt-UTB, 2011
    • Karl M. Goeschka: Merkblatt für den Aufbau wissenschaftlicher Arbeiten. i4c.at/goeschka/Merkblatt.pdf , 2006

    Teaching language

    Deutsch-Englisch

    20 ECTS
    Master thesis seminar | SE

    Master thesis seminar | SE

    2 SWS   2 ECTS

    Content

    The students present the current development of their master thesis at regular intervals and put it up for discussion in the plenum.

    Teaching method

    Presentations by students followed by discussion

    Examination

    Continuous assessment

    Literature

    Bücher:

    • M. Karmasin, R. Ribing: Die Gestaltung wissenschaftlicher Arbeiten. Ein Leitfaden für Haus-, Seminar- und Diplomarbeiten sowie Dissertationen. Wiener Universitäts Verlag, 1.Auflage, 1999
    • Umberto Eco: Wie man eine wissenschaftliche Arbeit schreibt, C.F. Müller, 13.Auflage, 2005
    • Kornmeir Martin: Wissenschaftlich schreiben leicht gemacht, 4th ed. Bern Haupt-UTB, 2011
    • Karl M. Goeschka: Merkblatt für den Aufbau wissenschaftlicher Arbeiten. i4c.at/goeschka/Merkblatt.pdf , 2006

    Teaching language

    Deutsch

    2 SWS
    2 ECTS
    Module Organisational Security
    4 SWS
    5 ECTS
    Human perceptions and actions | VO

    Human perceptions and actions | VO

    2 SWS   3 ECTS

    Content

    This event presents the fundamental principles of human perception in the context of risk- and security-related actions and decisions. The overarching context represents the general way society and politics deal with new technologies.

    Neuro- and sensory-physiological, psychological and social foundations of human behavior
    V.a. of risk perception, risk assessment and risk evaluation of technical systems
    Human choice and decision behavior
    Foundations and phenomena of human error and possibilities of error avoidance

    Teaching method

    Lectures of the LV leader and presentations of the participants

    Examination

    Continuous assessment: The grade is composed of the two partial performances "Presentation of a self-selected topic" and a seminar paper of about 10 pages on the same topic.

    Literature

    Bücher:

    • Ortwin Renn (2008): Risk Governance. Taylor & Francis
    • Ortwin Renn (2014): Das Risikoparadox: Warum wir uns vor dem Falschen fürchten. Fischer
    • Gerd Gigerenzer (2009): Das Einmaleins der Skepsis: Über den richtigen Umgang mit Zahlen und Risiken. Berlin Verlag Taschenbuch
    • Gerd Gigerenzer (2013): Risiko: Wie man die richtigen Entscheidungen trifft. C. Bertelsmann Verlag
    • Daniel Kahnemann (2013): Schnelles Denken, langsames Denken. Siedler Verlag
    • M. Whitman, H. Mattord: Management of Information Security, Course Technology, 2013
    • S. Harris: All in one CISSP Exam Guide, McGraw-Hill, 2013
    • M. Helisch, D. Pokoyski: Security Awareness, Vieweg+Teubner, 2009

    Darüber hinaus steht eine umfangreiche Artikelliste zu neurophysiologischen, psychologischen und sozialpsychologischen Themen zur Verfügung, die für die konkrete Aufgabengestaltung genutzt werden kann.

    Online:

    • S. Brands, U-Prove technology overview
    • Beresford & Stajano, Location Privacy in Pervasive computing, IEEE pervasive Computing 2003
    • Project PRIME, www.prime-project.eu
    • Project PRECIOSA (Vehicular privacy) preciosa-project.org
    • www.epic.org

    Teaching language

    Deutsch

    2 SWS
    3 ECTS
    Privacy in Internet | VO

    Privacy in Internet | VO

    2 SWS   2 ECTS

    Content

    The Privacy in Internet lecture is an introduction to privacy technologies and their application areas. The following topics will be discussed:

    Privacy Definition, Introduction ,Legal Aspects, DSGVO and data protection impact assessment

    Technologies:

    • Identity management
    • Anonymous communication
    • Privacy policies
    • Database privacy


    Applications:

    • Vehicular privacy, Location privacy
    • Search engine privacy,
    • Social network privacy,
    • Privacy and the Smart grid

    Teaching method

    Lecture series, 2-3 homework assignments, small group project.

    Examination

    Final exam: - Exercises and project work (40%)

    - Written exam (60%)

    Literature

    Bücher:

    • Ortwin Renn (2008): Risk Governance. Taylor & Francis
    • Ortwin Renn (2014): Das Risikoparadox: Warum wir uns vor dem Falschen fürchten. Fischer
    • Gerd Gigerenzer (2009): Das Einmaleins der Skepsis: Über den richtigen Umgang mit Zahlen und Risiken. Berlin Verlag Taschenbuch
    • Gerd Gigerenzer (2013): Risiko: Wie man die richtigen Entscheidungen trifft. C. Bertelsmann Verlag
    • Daniel Kahnemann (2013): Schnelles Denken, langsames Denken. Siedler Verlag
    • M. Whitman, H. Mattord: Management of Information Security, Course Technology, 2013
    • S. Harris: All in one CISSP Exam Guide, McGraw-Hill, 2013
    • M. Helisch, D. Pokoyski: Security Awareness, Vieweg+Teubner, 2009

    Darüber hinaus steht eine umfangreiche Artikelliste zu neurophysiologischen, psychologischen und sozialpsychologischen Themen zur Verfügung, die für die konkrete Aufgabengestaltung genutzt werden kann.

    Online:

    • S. Brands, U-Prove technology overview
    • Beresford & Stajano, Location Privacy in Pervasive computing, IEEE pervasive Computing 2003
    • Project PRIME, www.prime-project.eu
    • Project PRECIOSA (Vehicular privacy) preciosa-project.org
    • www.epic.org

    Teaching language

    Englisch

    2 SWS
    2 ECTS
    Module Legal aspects of IT security
    2 SWS
    3 ECTS
    Legal framework for data security | ILV

    Legal framework for data security | ILV

    2 SWS   3 ECTS

    Content

    Basics, copyright law with special focus on IT, data protection and data security, general contract law, consumer protection in distance selling, signature, domain names

    Teaching method

    Lecture, student presentation, practical insight into the professional life of an IT Security Officer, PPT slides.

    Examination

    Final exam: Collaboration, presentation and written exam

    Literature

    Bücher:

    • Roger Odenthal: Korruption und Mitarbeiterkriminalität. Gabler, 2009
    • Wolfgang Hetzer: Geldwäsche zwischen Kriminalität, Wirtschaft und Politik. Europäische Verlagsanstalt, 2003
    • Christopher Hadnagy: Die Kunst des Human Hacking, Social Engineering. mitp, 2011.
    • Kevin D. Mitnick & William L. Simon: Die Kunst der Täuschung, Risikofaktor Mensch. mitp, 2002-2006
    • Michael Sonntag: „Einführung in das Internetrecht“, Rechtsgrundlagen für Informatiker, Linde Verlag, Wien 2010.
    • Straube/Fina (Hrsg): „E-Commerce- und Internetrecht“, Rechtstextsammlung, 5. Auflage, Stand 1.1.2010
    • Hans Zeger: „Datenschutz Grundlagen inkl. DSG Novelle 2010“, Datenschutzseminar, Wien 2010
    • Christoph Brenn: „Signaturgesetz und Signaturverordnung“, Aufsatz zur Vorlesung SS 2008, Wien, 2008
    • Verschiedene Urteile des VwGh, OGH und EuGh

    Teaching language

    Deutsch

    2 SWS
    3 ECTS

    Number of teaching weeks
    18 per semester

    Times
    5.30 p.m.-7.00 p.m. and 7.15 p.m.-8.45 p.m.


    After graduation

    As a graduate of this program, a wide range of occupational fields and career opportunities are open to you. Find out here where your path can take you.

    Graduates are active in both the core information technology and telecommunications industries as well as in sector spanning positions. Your task will be to design and implement comprehensive security solutions. You will specify, plan, integrate, test and operate voice and data networks, taking into account the necessary security standards. You will work in the following areas:

    • Companies with their own IT infrastructure

    • Banks and insurance companies

    • Companies in electronic commerce

    • Authorities and public institutions

    • Online service providers

    • Service providers (cable/radio network providers, telecom)

      • Entertainment industry and media companies

      • Software development companies and system integrators

      • Security services

      • Data centers

      • Consulting firms


        Studying made easy

        Two students holding books
        Buddy Network

        Support for getting started in Engineering

        >
        Personen arbeiten gemeinsam am Laptop
        Bridging courses

        Refresh your technical knowledge? More here

        >
        Bücher mit Geld
        Funding & Scholarships

        More information here

        >
        Hände zeigen auf Weltkarte
        Time abroad

        Expertise, language skills, broadening horizons

        >
        Open Lectures
        >
        Center for academic writing
        >
        Intensive German course
        >
        EICC
        >
        Doctoral Service
        >
        Validation
        >
        Accessibility
        >
        queer @ FH Campus Wien
        >

        Networking with graduates and organizations

        In teaching and research we work closely with renowned companies from commerce and industry, universities and research institutions. These partnerships provide you with opportunities to find a job, write your thesis, or participate in current research and development activities - also in our competence center for IT security. You can find many of our cooperations in the campus network. It is always worth taking a look and you might find a new job or an interesting event with one of our cooperation partners.


        Contact

        Head of Degree Program

        Secretary's office

        Gabriella Juhász, MA

        Favoritenstraße 226, B.3.25
        1100 Vienna
        +43 1 606 68 77-2460
        +43 1 606 68 77-2469
        its@fh-campuswien.ac.at

        Map main campus Favoriten (Google Maps)

        Office hours during the semester:

        by appointment

         

        Teaching staff and research staff

         

        You want to know more? We will help you.

         

        Have you found all the information you are looking for?

        • Yes
        • No