Module Import 04WI2025 - Mobile Systems Security

Status: Published
Workload6 ECTS = 180 hrs
Credits, Weight6 ECTS, (n.s.)
Language of Instruction German or English
Semester (n.s.)
Duration1 Sem.
M/E Elective
Courses
Course No. Type Name MA/EL Workload Credits Contact Hours Selfstudy Group Size
04WI2025-1 Lecture Mobile Systems Security (n.s.) 3 ECTS = 90 hrs - 2 hrs/week = 30 hrs 60 hrs (n.s.)
04WI2025-2 Seminar/Exercise Mobile Systems Security (n.s.) 3 ECTS = 90 hrs - 2 hrs/week = 30 hrs 60 hrs (n.s.)
Learning Outcomes

Die Studierenden verstehen die Entwicklung der Mobilität von Personen, autonomen Systeme und Daten in einer vernetzten Welt der zeitlich und örtlich unbegrenzten Zugänglichkeit, Erreichbarkeit und Beweglichkeit. Sie verstehen die historischen Entwicklungslinien und können daraus aufgrund ihrer Kenntnis der technologischen Sachverhalte zukünftige technische Entwicklungen ableiten.Die Studierenden kennen Sicherheitsrisiken ausgewählter Anwendungen mobiler Systeme. Sie kennen ebenfalls Methoden zur Beherrschung der Risiken.  In der zugehörigen Übung erwerben sie die Fähigkeit, einige Schutzmechanismen zu installieren, auszuführen und zu verbessern.

Successful attendants of this module will understand security risks of selected applications of mobile systems. They will also master methods to control those risks. They will understand the underlying technology and its application opportunities that exploit the mobility of persons, data and services in a network. They will also understand the history of mobile systems. Therefore, they will be able to derive tendencies of their future development.

 

Content

(not specified)

04WI2025-1 - Mobile Systems Security

Es werden Sicherheitsbedrohungen und Schutzmechanismen zur Gewährleistung von Zuverlässigkeit und Angriffssicherheit für mobile Systeme vermittelt. Die Grundlage bildet ein allgemeines Referenzmodell für die Sicherheit mobiler Systeme und ihrer Anwendungen. Ein besonderes Gewicht liegt auf der detaillierten Analyse ausgewählter mobiler Anwendungen wie RFID-bestückte Ausweise, mobile Arbeitsplätze, Ortungsdienste. Die Vorlesungsunterlagen sind auf Englisch.

The course will present a reference model for the security of mobile systems and its applications. According to the structure of this model, security threats, security requirements, and security mechanisms will be identified and explained. A set of selected applications, like RFID id cards, mobile working places, location based services with their security and privacy concerns will be analyzed. Mobile apps will also be addressed. The lecture will cover these topics:

  • Introduction to security and mobility for mobile persons and autonomous systems
  • Basic model of security for mobile applications
  • The mobile workplace
  • Mobile technology and related security means
  • Basic protection of mobile technology (BSI)
  • Access, Authorization, Accounting for mobile devices
  • Application ePassport and eIdentification (ePA)
  • Local Based Services
  • M-commerce
  • Mobile DRM
  • Applications remote management, Liberty Alliance, Shibboleth, DFN Roaming
  • Smartphone forensics
  • Mobile Apps Security and Privacy
Teaching Methods

(not specified)

Prerequisites

Kenntnis der Grundlagen der IT-Sicherheit. Insbesondere Einschätzen der grundlegenden Risiken und Anwenden von Methoden der Sicherheitsanalyse von Rechnern, Netzen und Informations- und Kommunikationsanwendungen im Netz.

IT Security Basics (encryption, signatures, PKI, access control, authentication)

 

Examination Methods

Klausur (written test)
Bei Seminar: Vortrag und Hausarbeit (oral presentation and written essay)
Voraussetzung für die Vergabe von Leistungspunkten: regelmäßige und qualifizierte Teilnahme (maximal 2 Fehlsitzungen)
Stellenwert für die Note in der Endnote: für Lehramt Gymnasium: 5% entsprechend den LP (6:120), für Lehramt Realschule: 10% entsprechend den LP (6:60)

Credit Requirements

(not specified)

References

(not specified)

04WI2025-1 - Mobile Systems Security

Recent:

* Boyles, Jan Lauren/ Smith, Aaron/Madden, Mary, Privacy and Data Management on
  Mobile De-vices. Pew Research Center’s Internet & American Life Project,
  Washington, D.C., Sep. 2012.
* Stephen Fried: Mobile Device Security - A Comprehensive Guide to Securing Your Information
  in a Moving World.  Auerbach Publications, Boca Raton Florida 2010, 274 pages.
* Yury Zhauniarovich: Android Security (and Not) Internals. ASANI Book,
  Version 1.00, June 2014.
* William Enck, Machigar Ongtang, and Patrick McDaniel, U o Pennsylvania:
  Understanding Android Security IEEE Security&Privacy, Jan/Feb 2009, pp. 50-57.
* Himanshu Dwivedi, Chris Clark, David Thiel: Mobile Application Security.
  McGraw Hill, New York 2010, 408 pages.
* Ken Dunham (Ed.): Mobile Malware Attacks and Defense.
  Elsevier, Burlington MA 2009, 409 pages.
* Wolfgang W. Osterhage: sicher & mobil - Sicherheit in der drahtlosen Kommunikation.
  Springer-Verlag, Berlin, Heidleberg, 2010, 168 Seiten.

Older:

* K. Randall, N. und P. C. Lekkas, Wireless Security: Models, Threats, and Solutions.
  McGraw-Hill, 2002
* G. Wiehler, Mobility, Security und Web Services, Publicis MCD, 2004
* J. Zobel, Mobile Business and M-Commerce, Hanser, 2001
* Knospe, Pohl, RFID Security. Information Security Technical Report: 9,4,39-50.
  Elsevier 2004, http://www.inf.fh-bonn-rhein-sieg.de/Aufsaetze.html

Standard Basics:

* Whitman, Michael; Mattord, Herbert: Principles of Information Security.
  4th Edition. Thomson Course Technology. Canada, 2011, 656 pages.
* Schneier, Bruce: Beyond Fear: Thinking Sensibly about Security in an Uncertain World.
  Copernicus Books, 2003.
* BSI - Bundesamt für Sicherheit in der Informationstechnik: Selected publications in English,
  https://www.bsi.bund.de/cln_156/EN/Publications/publications_node.html, esp.
  BSI - IT-Grundschutzhandbuch, updated annually

Use of this Module
  1. unmodified as Elective  -    BSc Computer Science 2017  -    Mandatory elective courses Computer Science  -    Mobile Systems Security
  2. unmodified as Elective  -    BSc Computational Visualistics 2017  -    Mandatory elective courses Computer Science  -    Mobile Systems Security
  3. unmodified as Elective  -    BSc Computational Visualistics 2017  -    Mandatory elective courses in Computational Visualistics or computer science  -    Mobile Systems Security
  4. unmodified as Elective  -    MSc Computer Science 2017  -    Mandatory elective courses Computer Science  -    Mobile Systems Security
  5. unmodified as Elective  -    MSc Computer Science 2017  -    Major subject computer science  -    Mobile Systems Engineering  -    Mobile Systems Security
  6. unmodified as Elective  -    MSc Computational Visualistics 2017  -    Mandatory elective courses Computer Science  -    Mobile Systems Security
  7. unmodified as Elective  -    MSc Computational Visualistics 2017  -    Mandatory elective courses in Computational Visualistics or computer science  -    Mobile Systems Security
  8. unmodified as Elective  -    MSc E-Government 2017  -    Mandatory elective courses Information Systems  -    Mobile Systems Security
  9. unmodified as Elective  -    MSc Information Management 2017  -    Mandatory elective courses Computer Science and Information Systems  -    Mobile Systems Security
  10. unmodified as Elective  -    MSc Information Systems 2017  -    Mandatory elective courses Application Systems in Business and Administration  -    Mobile Systems Security
  11. unmodified as Elective  -    MSc Web Science 2017  -    Mandatory elective courses Computer Science  -    Mobile Systems Security
Responsible / Organizational Unit
Grimm, Rüdiger / Institute for IS Research
Additional Information

(not specified)

Last change
Apr 24, 2018 by Frey, Johannes
Last Change Module
Apr 30, 2015 by Frey, Johannes