Security and Privacy Major (S&P)

The track focuses on the study of the design, development and evaluation of secure computer systems which are also capable of ensuring privacy for future ICT systems. It follows a constructive security approach to teach the very complex and challenging field of information assurance.

The aim is to provide students with an understanding of the concepts and technologies for achieving confidentiality, integrity, authenticity, and privacy protection for information processed across networks. Topics include core network security principles, traffic filtering, traffic analysis, cryptography, tunnelling and encapsulation, public-key infrastructure, remote-authentication protocols, and virtual private networks.

Added to the technical base the I&E minor will provide competences in communication, knowledge integration, open innovation and technology management from the viewpoints of both business and technology. The business skills will enable students to understand and execute a business development process, with an insight in legal and societal aspects of security and privacy.

Relation to the EIT ICT Labs Activities

Security and Privacy is relevant within all EIT ICT Labs areas - Future Media and Content Delivery, Smart Spaces, Smart Energy Systems, Intelligent Mobility and Transportation systems, Digital cities, Health and Wellbeing, ICT-Mediated Human Activity. Without a strong Security and Privacy angle none of the areas above can be brought to a healthy business.

Career Opportunities with a S&P Major

Successful graduates will easily find positions in companies that provide product services, such as Telecom companies, Financial Institutes, Software and Hardware vendors, et al, who require a high assurance in their ICT systems.

Graduates of the S&P major should also be in a good position to start their own company, providing product or technology development, business development or consultancy services.

Another career option is an advanced research career in industry and academy, including PhD education at the involved universities and at other top universities. Last but not least, the governmental security agencies lack a qualified pool of systems security engineers despite the hype about cyber attacks and security breaches that seem to flood the media.

Internships in the Related Area of S&P

The EIT ICT Labs consortium consists of leading global companies, such as Deutsche Telekom, SAP, Siemens, KPMG, Alcatel-Lucent, Technicolor, Philips, Infineon, Intel, NXP, and ST Microelectronics etc. Their commitment guarantee access to challenging thesis projects and prospective internships in a stable, innovation based industry.

There are also good relationships with car manufacturers like Volkswagen, Daimler, BMW and Renault and the automotive supply industry. Other core partners in the EIT ICT Labs are national research organisations i. e. TNO-ICT, and CWI (The Netherlands), DFKI and Fraunhofer (Germany). In addition to this, all participating partners have special links to the respective national security agencies.

The first year is offered by TU Berlin and Univ. of Trento.

Specialisations

High Assurance Systems - TU Berlin

Security and Privacy are the main aspects of what customers expect from IT-based systems. Moreover, customers need to trust the dependability of the systems, which in addition to confidentiality and integrity comprises availability and robustness. The specialization focuses on the interrelationship between security aspects and dependability, thus putting security in a wider context and exploring its role in this context.

Motivation

High assurance is the main feature of IT-systems used in smart cities, and also a major aspect in embedded (or cyber physical systems). High assurance for critical infrastructures is also of pivotal importance for governmental institutions.

Learning Outcomes: Graduates are able to

  • analyze the availability and reliability of IT-Systems based on data of the components
  • develop up-to-date solutions for high assurance
  • describe and assess the interplay between security and dependability

Mandatory Courses (15 ECTS)

  • Dependable Systems (3 ECTS)
  • High Assurance Systems Seminar (3 ECTS)
  • High Assurance Project (9 ECTS)

Elective Courses (3-6 ECTS)

  • Autonomous Security (6 ECTS)
  • Hardware Security (3 ECTS)

Network Security - UTwente

This specialization will look at security of networks in all their forms, putting emphasis on newer developments and special challenges arising thereby. One special focus will be emerging wireless and dynamic networks like ad-hoc networks, WSNs, or VANETs where issues like collaboration incentives or the absence of protection perimeters lead to new forms of security systems that may also become relevant in a future more dynamic internet.

The specialization will take a very practical approach to network security and include a mandatory hands-on lab.

Motivation

Networked systems get more and more ubiquitous and diverse. They are applied in more and more critical systems now, including sensor networks, smart meters, industrial control systems, or the Internet. Especially incarnations of wireless communication and dynamic forms of networking like P2P or ad-hoc networks raise new security and privacy challenges. Wireless communication facilitates eavesdropping or denial-of-service attacks, dynamic networking like in Vehicular Ad-hoc Networks creates issues about enforcing collaboration, data consistency, etc.. So a strong background in network security and its various forms is a highly interesting specialization for a security expert.

Learning Outcomes: Graduates are able

  • understand and analyze the security and privacy requirements and characteristics of networked systems
  • perform practical security analysis and evaluations in real- world systems
  • contribute to the design of secure networks

Mandatory Courses (12 ECTS)

  • Security and Privacy in Mobile Systems (6 ECTS, UTwente)
  • Practical Network Security Lab “Hacker’s Hut” (6 ECTS, UTwente)

Elective Courses (6 ECTS)

  • Cyber Crime Science (6 ECTS, UTwente)
  • Secure data management (6 ECTS, UTwente)

Information Security and Privacy - Saarland University

The need of collaborative information management and consumption from any location in the world using high speed connections on the one hand, and the requirements to provide information security and privacy in a mobile and decentralized setting on the other hand are contradicting interests at first glance. However, both have to be provided as one solution in the future.

Motivation

We all deal with information in our daily life and many ofus provide sensitive personal information to systems like social networks, etc. Protecting sensitive information and providing everybody with the amount of privacy each individual is interested in, is one of the major challenges in our information driven society.

Learning Outcomes

  • understand the fundamental concepts of cryptography and their application in common scenarios is practise
  • to assess the degree of security of the respective cryptographic concept
  • apply, and – if necessary, – to adapt those concepts to different applications
  • understand the fundamental concept of security protocols, security policies, network security, media security and security engineering
  • understand how security holes can be exploited and how we are able to prevent this

Mandatory Courses

  • Cryptography (9 ECTS)
  • Information Security (9 ECTS)

Elective Courses (6 ECTS)

  • Seminar Selected Topics in Information Security (7 ECTS)
  • Language-based Security (6 ECTS)
  • Advanced Cryptography (6 ECTS)
  • Zero Knowledge (6 ECTS)
  • Practical Aspects of Security and Privacy
  • Formal Methods and Cryptography (6 ECTS)

Advanced Cryptography - Budapest

Security and Privacy are very important for citizens and customers using IT-based systems. The specialization focuses on the general ideas, techniques and methods of Applied Cryptography as well as on the theoretical background and solid knowledge, putting security in a wider context. Security and Privacy is considered both from the technological and from the economical point of view, which supports decisions in many practical cases.

Motivation

Applied cryptography serves as a base for most of the secure IT-systems (e.g. in Future Media and Content Delivery, Smart Spaces, Digital cities, Health and ICT-Mediated Human Activity, and Enabling the Internet of the Future).

Learning Outcomes: Graduates are

  • able to manage all the typical cryptographic challenges in IT- Systems
  • able to develop cryptosystems under various circumstances
  • aware of the theoretical and practical background

Mandatory Courses (18 ECTS)

  • Advanced cryptography (5 ECTS)
  • Cryptography and its applications (5 ECTS)
  • Cryptographic protocols (5 ECTS)
  • Economics of Security and Privacy (3 ECTS)

Elective Course (3 ECTS)

  • Applied Cryptography Project Seminar (3 ECTS)

System Security - TU Darmstadt

The EIT Action Lines research and innovate in the areas of complex networked systems such as Smart Spaces, Smart Energy Systems, Digital Cities, the Future Internet, etc. The aforementioned areas are characterized by an increasing complexity of the underlying ICT systems. More precisely, these systems comprise of a multitude of software and hardware components, which in combination form complex ICT systems.

Motivation

ICT security and privacy needs to acknowledge the systemic nature of complex ICT, and go beyond a narrow and specialized focus. With the specialization System Security, TU Darmstadt will equip the next generation of security professionals and researchers with the necessary knowledge to master ICT security and Privacy in complex systems.

Learning Outcomes: Graduates are able to

  • Apply their fundamental knowledge for addressing the security of complex ICT systems and infrastructures. Based on the basic knowledge obtained in year 1 of the Master program, the specialization equips the student with the theoretical foundation to model information security systems as well as to design secure, trusted and trustworthy computing systems.
  • The electives add a further specialization in different kinds of ICT systems such as mobile computing, operating systems, cryptographic protocols/applied cryptography for use in complex systems, etc
  • The successful students will acquire knowledge, experience, and skills to design, implement, and operate secure IT infrastructures.

Mandatory Courses (18 ECTS)

  • Secure, Trusted and Trustworthy Computing (6 ECTS)
  • Formal Methods in Information Security (9 ECTS)
  • At least one research seminar (each term, various seminars are offered with 3 ECTS)

Elective Course (3-6 ECTS)

  • Secure Mobile Systems (3 ECTS)
  • Applied Cryptography (5 ECTS)
  • Cryptographic Protocols (6 ECTS)
  • Virtual Private Networks (3 ECTS)
  • Security in Multimedia Systems and Applications (6 ECTS)
  • Privacy-Enhancing Technologies (3 ECTS)
  • Side-Channel Attacks and Fault Tolerance in IT Systems (5 ECTS)
  • Operating Systems II: Dependability and Trust (8 ECTS)
  • Lab exercises in the area of system security are offered each term (3 ECTS – 6 ECTS)

Applied Security - University of Trento

In many practical contexts such as Digital Cities or Smart energy systems Security and Privacy are seen by IT vendors as additional costs which customers are not really willing to pay for. Even in the framework of cybersecurity low protection mechanisms might be chosen to save costs. The specialization focuses on the challenge of guaranteeing the right level of security to an application that is substantiated by empirical evidence.

Learning Outcomes: Graduates are able to

  • identify the appropriate security technology that can be deployed.
  • develop appropriate solutions for the industry scenarios of cybersecurity and citizen’s security.
  • describe and justify the benefits for such choices based on empirical results.