Module

Access Control Systems: Models and Technology [M-INFO-106303]

Credits
5
Recurrence
Every summer semester
Duration
1 Semester
Language
English
Level
4
Version
1

Responsible

Organisation

  • KIT-Fakultät für Informatik

Part of

Bricks

Identifier Name LP
T-INFO-112775 Access Control Systems: Models and Technology 5

Competence Certificate

See Partial Achievements (Teilleistung).

Competence Goal

  • The student understands the challenges of access control in the era of hyperconnectivity.
  • The student understands that an information security model defines access rights that express for a given system which subjects are allowed to perform which actions on which objects. The student understands that a system is said to be secure with respect to a given information security model, if it enforces the corresponding access rights.
  • The student is able to derive suitable access control models from scenario requirements and is able to specify concrete access control systems. The student is able to decide which concrete architectures and protocols are technically suited for realizing a given access control model.
  • The student knows access control protocols using cryptographic methods and is able to compare protocol realizations based on different cryptographic building blocks.
  • The student is aware of the limits of access control models and systems with respect to their analyzability, performance, and security characteristics. The student is able to identify the resulting tradeoffs.
  • The student knows the state of the art with respect to current research endeavors, e.g., access control in the context of decentralized and distributed systems, Trusted Execution Environments, AI, robotics, or hash-chain based systems.

Prerequisites

See Partial Achievements (Teilleistung).

Content

Access control systems are everywhere and form the backbone of secure services, as they encode who is and who is not authorized: think of operating systems, information systems, banking, vehicles, robotics, cryptocurrencies, or decentralized applications as examples. The course starts with current challenges of access control in the era of hyperconnectivity, i.e., in cyber-physical or decentralized systems. Based on the derived needs for next-generation access control, we first study how to specify access control and analyze strengths and weaknesses of various approaches. We then focus on up-to-date proposals, like IoT and AI access control. We look at current cryptographic access control aspects, blockchains and cryptocurrencies, and trusted execution environments. We also discuss the ethical dimension of access management. Students prepare for lecture and exercise sessions by studying previously announced literature and by preparing exercises that are jointly discussed in the sessions.

Recommendation

Basics according to the lectures "IT Security Management for Networked Systems" and "Telematics" are recommended.

Workload

Lecture workload:

  1. Attendance time
    Lecture: 2 SWS: 2.0h x 15 = 30h
    Exercises: 1 SWS: 1.0h x 15 = 15h
  2. Self-study (e.g., independent review of course material, work on homework assignments)
    Weekly preparation and follow-up of the lecture: 15 x 1h x 3 = 45h
    Weekly preparation and follow-up of the exercise: 15 x 2h = 30h
  3. Preparation for the exam: 30h

Σ = 150h = 5 ECTS