Information Security – (Grad.Dip.)

Contents

The course comprises five main focal points:
IT infrastructure (operational safety and network security), security technologies (cryptography and biometrics), software engineering, security management (IT compliance and law) and economics.

The area of IT infrastructure provides students with the skills needed for a secure and reliable operation of the communication chain / communication network. These include the knowledge necessary for the secure design of overall systems of this kind (data and speech communication networks in conjunction with security components) as well as the ability to recognize and find gaps in the security. Daily forensic analysis and log file analysis are necessary to recognize anomalies and react quickly.

The area of software engineering considers the security of applications used in the Internet or in everyday commercial processes, as these are extremely important to every overall system. The possible level of security is defined by the weakest link in the chain. It is thus extremely important to consider the aspect of software security. This includes the entire process of software development, including security certification, as well as the corresponding testing procedures in taking over software. The integration of mobile end-user equipment is growing constantly in importance in this context.

The area of security technologies aims at protection information in non-secure environments and offers confidentiality, data integrity, authenticity and commitment. To use the full potential of open, distributed systems, information security must be guaranteed. Without effective protection, trust in the “bug-proof” communications will be lost and with it trust in the entire network. In addition to information security, identification and authentication play an important part in distributed, non-secure systems. In this context, biometric systems seem to be replacing and supplementing normal password-based procedures.

The area of security management aims at making security measureable and thus testable, to enable constant work on improving security and to enable weaknesses to be recognized. There are numerous legal regulations and many voluntary codes and frameworks, frequently known as compliance rules, to which companies should adhere. The focus of the work on security management looks at these rules and codes and their application.

The part of the course dealing with economics equips students with the necessary basic knowledge for them to be able to represent cash flows and alternatives in terms of value. When the security policies are to be introduced or corresponding projects to be managed, graduates of this course are knowledgeable partners for discussions with financial managers. They have the basic knowledge of processes, management techniques and business plans. Within the research workshop and the Diploma thesis students undertake their first scientific work.