The intertwinement of telecommunications, mobile communications and data networks is turning IT security into an explosive topic and a key risk factor in today's businesses. Services such as e-commerce, e-government or digital media and their copyright protection severely stress data, network and transmission security. In the Master's degree program you will be specializing in aspects of technical security and the "human risk factor"
Mag.a Susanne TröstlMagdalena Brandeis, BA (Maternity leave)Favoritenstraße 226, B.3.20 1100 ViennaT: +43 1 606 68 77-2460F: +43 1 606 68 firstname.lastname@example.org
Office hours during the semesterMon, 1.30-6.00 p.m.Tue, 1.30-7.30. p.m. Wed, 1.30-6.00 p.m.Thu, by appointmentFri, closed
Ihre E-Mail wurde versendet
Application period for academic year 2018/19
25th September 2017 to 19th August 2018
2tuition fee / semester:
+ ÖH premium + contribution**
* Tuition fees for students from third countries € 727 per semester
**for additional study expenses (currently up to €83 depending on degree program and year)
Data protection and system security are your top priority. You have the ability to identify potentially weak points in systems and networks. This motivates you to find suitable measures to prevent manipulation and to block unauthorized access. New technologies arouse your interest - yet always with guaranteed security standards in mind. Your are familiar with encryption methods and you would like, in your Master's degree program, to delve deeper into cryptography as a field for research and application.
IT security is a highly agile field. Attacks on servers and networks are getting increasingly sophisticated. Our state-of-the-art network laboratory where you may refine your strategies for preventing unauthorized access and develop measures and scenarios for protection is at your disposal. You will have the opportunity of participating in research and development (R&D) projects, engaging in active exchange between science and practice at the university. The degree program also includes an own "IT security competence team", working in close cooperation with companies. The research focuses on the transmission of data, safe from manipulation or eavesdropping.
The number of mobile end devices will continue to increase and thereby also the demands made on data security for these tiny devices with their weak computing power. Sensor nodes which, albeit very versatile, are also small and have limited computing capacity and very little storage space are another example. Contrasting with these, we have the Cloud with its seemingly infinite computing and storage resources. The IT Security Master's degree program addresses both these developments in its research program.The course experts implement, evaluate and compare a diversity of cryptographic algorithms in the affiliated Competence Center for IT Security.The goal is to establish easily realizable secure data encryption options in practice. Findings are directly incorporated into the degree program to assuring you, the Master's student, of a decisive advantage of knowledge. The specialist know-how of our lecturers is also in high demand internationally. Experts of the IT Security Competence Center are often asked to participate as speakers at international conferences on data security and data protection. Papers published by the IT experts often receive awards such as the FH Best Paper Award, repeatedly awarded to FH Campus Wien.
Lector: Mag. Dipl.-Ing. Dr.techn. Lorenz Froihofer, Priv.-Doz. Mag. DI. DI. Dr.techn. Karl Michael Göschka
* Dependability and Fault Tolerance* Distributed Agreement* Group Communication and Membership* Consistency and Replication* Transactions
Lecture: written exam, Distance Learning: Students' project in small groups
LecturePractical work in small groups
Lector: FH-Prof. Dipl.-Inform. Dipl.-Wirt.Inform. Matthias Peter Hudler
In this lecture basic principles of cryptography such as symmetric and asymmetric encryption as well as data security will be discussed. The main topics are for example the process of encryption and decryption of data, digital signatures, general cryptographic protocols and the practical field of operation of these mechanisms. Current approaches like elliptic curves are also dealt with. In addition to the related key management aspects like the comprehensive security infrastructure will be addressed. Tangible examples of use are shown for illustration and for getting familiar with the functionality.
Final written exam
Presentation with slides and video projector, additional explanations on the whiteboard
Lector: FH-Prof. Dipl.-Inform. Dipl.-Wirt.Inform. Matthias Peter Hudler, Dipl.-Ing. Manuel Koschuch, Bakk.techn.
In this lecture basic principles of cryptography such as symmetric and asymmetric encryption as well as data security will be discussed. The main topics are for example the process of encryption and decryption of data, digital signatures, general cryptographic protocols and the practical field of operation of these mechanisms. Current approaches like elliptic curves are also dealt with. In addition to the related key management aspects like the comprehensive security infrastructure will be addressed. Tangible examples of use are shown for illustration and for getting familiar with the functionality.In the tutorial the students have the possibility to practise the formerly presented approaches, getting more familiar with them. Approaches of possible cryptanalysis will also be discussed.
Presentation, discussion and solving problems
Lector: Mag. Dipl.-Ing. Dr.techn. Wolfgang Radinger-Peer
• Goals, tasks, architectures and methods of information management• Risk Management• Big Data• Case studies in small groups
Collaboration during the lecture and presentation of an spezific topic
Speech with slides, case studies in small groups
Lector: Dipl.Ing. Franz Gober, MBA
Basic assumptions of comunication - main focus body language, presentation technics; social skills: ability of encountering, effective communication strategy, feedback, using feedback, impact of feedback. Rhetorical basics: Use of different discussion technics and questioning technics and feedback strategies, facilityting and inhibiting behaviour in communication. Conflict management, understanding conflicts, working on conflicts and methods.Selective perception and constructivism.
Physical presenceActive cooperation Seminar paperReview-Journal
Individual work, work in smaller and larger groups, teacher-centred information phases, review-journal
Lector: DI Mathias Tausig
The course gives a broad view across the possibilites of cryptographic methods in a typical workday, especially those of a SysAdmin. For alll subjects, the theoretic background is presented alongside the practical usage implications.The subjets consist of:* Hard disk encryption* SSH & Network tunneling* E-mail security* Data encoding using ASN.1* Public Key Infrastructure
Exercices and a final exam
Theoretical lectures and individual tasks for all subjects
Lector: Dipl.-Ing. Manuel Koschuch, Bakk.techn., DI(FH) Roland Supper
- Overview of Threats- Firewalls (stateless/stateful)- Intrusion Detection and Prevention- IPsec-based VPNs- Overview over SSL and TLS and other VPN-Technologien (L2TP, PPTP, MPLS)- Advanced Persistent Thretas- Expert Speeches
Written final Exam
Lecture with slides, whiteboard and external expert speechesLab Exercises
* Versioncontrol* Test Driven Development* Secure Development Lifecycle* Risk analysis* Security errors
* Final exam* Grading of the presentations
* Lessons* Presentations by student groups
Lector: Dipl.-Ing. Manuel Koschuch, Bakk.techn.
* Usage of git* Usage of TDD* prevention of security bugs
Grading of the projects
Lector: DI (FH) Peter Krebs
- Basics of wireless network communication- Security aspects of wireless networks- Concrete wireless technologies and their security mechanisms- WLAN (IEEE 802.11)- Bluetooth- IEEE 802.15.4/6LoWPAN/ZigBee - Near Field Communication - Cellular Networks
Written final exam
The practical par of this course teaches the use of cryptohraphic libraries.The theoretical part constists of:- Key generation- Random numbers- Authenticated Encryption- Padding
Grading of the coding tasks and a final exam
- Lectures- Coding exercises
Lector: Mag.a Dr.in Sigrid Schefer-Wenzl, MSc BSc
The focus of this course is on agile application security, i.e. how to combine agile methods and security aspects. Students apply agile methods (e.g., user stories, sprints, pair programming, code reviews) in a project of their choice having specific security requirements.
Exam, practical project, learning diary
presentation, group project, learning diary
Lector: Dipl-Ing. Adrian Dabrowski
In this lectures, we try to shade light on the attacker's perspective on computer security. By learning how to attackers work and experience them first hand in our lab exercises, we create a deeper understanding of the methods and procedures of attackers. Thus, laying the foundation for better operational security and security design practices. This lecture is part 1 of our two-semester lecture series at FH Campus Wien.
5 practical challenges (of which you need to solve 3) and a written exam.
Lectures with practical examples and demonstrations. Additionally, we offer an online platform, where students have to solve a new challenge every apx. three weeks. Those challenges range from writing a small virus, breaking into a simulated social network, performing a local and/or remote buffer overflow, and others.
Lector: DI Dr. Ulrich Haböck
This course discusses popular authentication and key agreement protocols and gives an impression of the versatile applicability of modern cryptography.- Authentication and key establishment protocols: elementary challenge response, zero knowledge proofs, - Single Sign On: Kerberos, OpenID Connect, SAML- TLS handshake and its state machine, including known attacks on TLS <=1.2Further topics are chosen at request, e.g. crypto currencies (offline e-Cash, blockchain-based), voting protocols, secret sharing, searchable encryption.
Classic whiteboard lectures, exercise classes where appropriate.
- Practical application of IT-Security knowledge- Selected topics supplementing related courses- Protection of IT-Systems using Firewalls and Intrusion Prevention Systems- Design and Integration of a SIEM solution
Continuous examination and documentation
- Independent implementation of a project- Support is given at any time on request- Continuous progress reviews
Lector: Priv.-Doz. Mag. DI. DI. Dr.techn. Karl Michael Göschka, Dipl.-Ing. Manuel Koschuch, Bakk.techn., DI Dr. Johannes Osrael
Distributed Information SystemsMiddlewareEnterprise Application IntegrationWeb Application Integration und Web Services ConceptsComponent-based Software EngineeringBasic Web Services TechnologyService Coordination ProtocolsService Composition und Business Process IntegrationWeb IntegrationCloud BasicsWeb Service and Cloud Security
LectureDistance EducationPractical work in small groups
Lector: Mag. Georg Conrad-Billroth, MSc (CS)
Business and ethics consists of:Introduction and basic principleslegal structure of companies and business organizationThe enterprise and its environmentEthics in businessHuman resources managementMarketing & sales & ethicsProcurement and logisticsProductionAccounting and finance
continuous assessment, assessment of presentations and teamwork, final exam
Lecture with PowerPoint slides and exercises.The ppt slides and handouts will be provided
Lector: Dipl-Ing. Adrian Dabrowski, Privatdozent Dipl-Ing. Mag. Dr. Edgar Weippl
In this lectures, we deepen the understanding of the attacker's perspective on computer security. By getting hands-on experience on the techniques and mindset needed to break security systems, the student gains insight useful for post-incident analysis of attacks as well as proactive analysis of attack vectors.
Five practical challenges (of which you need to solve at least three) and a written exam.
Lectures with practical examples and demonstrations. Additionally, we offer an online platform, where students have to solve a new challenge every three weeks. Those challenges range from performing a local and/or remote buffer overflow, reverse engineer mobile phone applications, attack web services and others.
Lector: Dipl.-Ing. Dr. Martin Schmiedecker, Dip.-Inf. (FH) Karsten Theiner
- Forensic Methods oFile System Forensics oNetwork Forensics oOperating System Forensics oExamination of Application Data oTime Line Analysis oKeyword Search
Lessons are held, using at least some of following didactics: - Ex-cathedra teaching - Independent working in groups - Interactive Media Support - Computer room lessons
Practical assignments in the scope of the lecture.
Graded point of the reports
Lector: Dipl.-Ing. Manuel Koschuch, Bakk.techn., Julia Scheidinger, BSc
Summary of the essential aspects of project- and process-management, as well as system safety, and their practical meaning in concrete examples.Clarification of the differences between safety and security, and of the interfaces between these two areas.Diskussion and reflection of the insights from practical application of the above concepts.
Assessment of the submitted implementation and the presentations.
Implementing and presenting a practical example in small groups.
Lector: FH-Prof. DI Gerhard Engelmann, Julia Scheidinger, BSc, Silvia Schmidt, MSc BSc, DI Mathias Tausig
ASN.1SmartcardsConstrained NetworkingMobile AuthenticationRIOT-OSSecure Firmware UpdateInternet-of-Things (IoT-Security)Overview Embedded C
Intermediate tests, distance/remote learning, final exam.
Lectures and remote/distance learningEnglish slides
Implementations of the following subjects:* Usage of cryptographic functions in RIOT-OS* Smartcard usage
The grade will be calculated based on the projects
Programming in groups
- IT-Security Management and Risk Assessment- IT-Security Controls, Plans, and Procedures- Physical and Human Resources Security & Security Audit- Access Control Management- Overview of the ISO 27000-family, COBIT, ITIL and BSI Grundschutz
1/3: Case study1/3: Group assignment1/3: Exam
Lecture, case study, group assignment
- values and needs espessially in working environment- typologies of behaviour and inward urge- change management poresses and impact- Reasons for conflicts, behaviour during conflicts, and escalation- behaviour pattern and situational behaviour in economic crime- forms of economic crime- examples of ecomonic crime and working it up- future trends and development in economic crime
PresentationWork on cases in small groupsSubject specific discussions in the classSeminar paperReview-journal
An important part of a comprehensive academic education is to aquire the qualification to treat problem statements from a scientific point of view. Therefore, an introduction to scientific work, writing, and well established methodologies will be taught in this course.
The evaluation is based on the submitted material (disposition, paper, reviews) as well as on the presentations.
During this course a scientific conference will be simulated. After a brief introduction to scientific writing, the attendees of this course shall treat a problem statement of a given field of research for which they shall prepare disposition that briefly describes the chosen topic. Based on it, a draft version of the scientific article will be written (draft paper). Afterwards, these draft versions of the papers will be critically reviewed by other colleagues (peer reviewing). Based on their reviews, a revised version of the scientific paper shall be created (camera-ready paper). At the end of this course, the scientific papers will be presented by the authors.
Autonomous authoring of a special, science-based theme under guidance by a supervisor, elaboration of the master's thesis
Approbation of the master's thesis
Diploma thesis: Autonomous scientific work under guidance by a supervisor
The students present the current state of their Master's Thesis at regular intervals and discuss their work with the audience.
Presentations by the students
Lector: Dr. Sandford Bessler
The lecture will give an overview on the technologies and the application areas of e-privacy protection: - Definitions, Future scenarios of privacy - Legal privacy environmentTechnologies:- Identity management - Anonymous communication- Privacy policies- Database privacyApplication areas: - Vehicular privacy, Location privacy- Search engine privacy, - Social network privacy, - Privacy and the Smart grid
Home work exercises and student presentation (40%) - Students will form small teams - Topics for the student presentation will be given (research papers) and presentation dates will be fixed Final written exam (60% of the grade)
Frontal teaching using slide presentations and online sources. 2-3 home works to support learningDiscussions about certain privacy topics are welcome.
Lector: Mag.iur. Philip Raffling
Orientation in the law with focus on IT. In particular, a basic understanding of data protection, IT contract law and general law is explained.
oral collaboration and written exam at the end
Lecture, practical insight into the professional life of an IT Security Officer, PPT slides
Semester datesWinter semester: 27th August 2018 to 26th January 2019Summer semester: 11th February to 14th July 2019
Number of teaching weeks 18 per semester
Times5.30 p.m.-7.00 p.m. and 7.15 p.m.-8.45 p.m.As a service to students, the IT Security degree program offers six elective subjects in the third semester, of which three courses must be selected (instead of the fixed assignment of courses to areas of specialization). An elective subject is only offered if it is selected by at least three students. This change offers students more flexibility at no extra cost.
Graduates are active in both the core information technology and telecommunications industries as well as in sector spanning positions. Your task will be to design and implement comprehensive security solutions. You will specify, plan, integrate, test and operate voice and data networks, taking into account the necessary security standards. You will work in the following areas:
Equivalence is determined by international agreements, validation or in individual cases a decision by the head of the academic section.
To apply you will require the following documents:
It is not possible to save incomplete online applications. You must complete your application in one session. Your application will be valid as soon as you upload all of the required documents and certificates. In the event that some documents (e.g. references) are not available at the time you apply, you may submit these later via e-mail, mail or in person by no later than the start of the admission process.
The selection process examines the technical aptitude of the applicants for the Master's degree program. It consists of a written test and an interview. The secretary's office will notify you of the date for the selection process.
Experience shows that many questions arise during the application phase and the start of the degree program. We therefore propose that interested persons and applicants should network with higher semester students in the same degree program as yours. Personal and individual contact with your buddy should facilitate your entry into the degree program.
To the Buddy network
Head of Section, Head of Competence Centre for IT-Security T: +43 1 606 68 77-2461 email@example.com
We work closely with renowned companies in commerce and industry, with universities, institutions and schools. This guarantees you contacts for employment or participation in research and development. In the course of exciting school cooperations, students may contribute to firing up pupils on topics such as our Bionics Project with the Festo company. You can find information about our cooperation activities and much more at Campusnetzwerk. It's well worth visiting the site as it may direct you to a new job or interesting event held by our cooperation partners!