Modul

Siehe Teilleistung.

The student is able to derive suitable access control models from scenario requirements and is able to specify concrete access control systems.

The student is aware of current access control frameworks and technologies.

The student is able to formulate a suitable system architecture for a given access control scenario.

The student is able to identify concrete technologies to implement an access control system securely and efficiently.

The student is able to evaluate the suitability of a given access control system architecture for a given scenario.

Nur in Kombination mit Modul „Access Control Systems: Foundation and Practice“ [M-INFO-103046] prüfbar.

An information security model defines access rights that express for a given system which subjects are allowed to perform which actions on which objects. A system is said to be secure with respect to a given information security model, if it enforces the corresponding access rights. Thus, access control modeling and access control systems represent the fundamental building blocks of secure services, be it on the Web or in the Internet of Everything.

In this master-level course, we thoroughly investigate the evolution of access control models (access control matrix, role-based access control, attribute access control) and describe usage control models as a unified framework for both access control and digital rights management. The students experiment with real-world access control protocols and technologies and thus apply the contents of the lecture "Access Control Systems: Foundations and Practice" in a real-world context.

Grundlagen entsprechend der Vorlesungen „IT-Sicherheitsmanagement für vernetzte Systeme“ und „Telematik“ werden empfohlen.

Lab Sessions: 6 x 2h = 12h

Lab Tasks: 6 x 10h = 60h

Lab Reports: 6 x 4h = 24h

Buffer: 6 x 2h = 12h

Final Presentation: 12h

Σ = 120h = 4 ECTS