IT Security and Safety Curriculum Hamburg

Prof. Dr. Klaus Brunnstein
Faculty for Informatics - University of Hamburg

4 semesters = 2 years
1. 1st cycle: winter 1989/90 -summer 1991
2. 2nd cycle: winter 1991/92 -summer 1993
3. 3rd cycle: winter 1993/94 -summer 1995
4. 4th cycle: winter 1995/96 -summer 1997
5. 5th cycle: winter 1997/98 -summer 1999
6. 6th cycle: winter 1999/00 -summer 2001

Lecture 1: Introduction into IT Security and Safety

survey of dependability/vulnerability studies
survey of IT misuse: Hackers, Cracker, Viruses, Worms
basic IT paradigms and IT-induced risks
selelcted case studies of IT relevant incidents in
organisations and enterprises, security and safety issues
and policies
legal aspects:
- Data Protection
- Computer Crime Legislation
- Copyright, Intellectual Property Right

Lecture 2: Concepts of Secure & Safe Systems I

Problems of "Quality", ISO 9000 etc.
IT Security and Safety Models
R-ITSEC (Common Criteria, draft)
Reference Monitor
Concepts/Implementations of Virtual Systems
Intrusion Detection (IDES) / Avoidance (IDA)

Lecture 3: Concepts of Secure & Safe IT Systems II

Encryption methods (general, DES, RSA, Clipper)
Data Base/Information Systems Security:
Problems and Solutions (DBMS, RDMS)
Communication and Network Security


Lecture 4: Risk and Incident Analysis

Case studies: Incident of IT based Systems
- Network, Mainframe, PC Attacks
- Bank networks/accidents
- Flight Management (EFCS) and other accidents
Methods of Risk Analysis
Large Systems Backup Solutions
Methods of Reverse Engineering
Methods of Computer Emergency Response

Special Lectures on:Cryptography, Data Protection etc.

Seminar on:Actual Problems of IT Security and Safety (every semester)

Practice in Reverse Engineering:Virus Test Center (permanent)

Examination Work on diverse Aspects

Dissertation Work on selected Aspects