Course content

-Key results in the theory and modelling of information security -Network security -Operating system security -Human factors in security -Security engineering and assurance -Cyber-physical systems security -Cryptography and cryptanalysis -Database security -Information security management -Anonymity and privacy

Learning outcome

The module (strongly recommended for doctoral students in the programme) is intended to provide additional insights into the information security domain for doctoral students in Information Security beyond their immediate area of specialisation.To this end two areas of information security that are distinct from the candidate's specialisation are to be identified, where the two areas should normally also not overlap. For each area (including but not limited to those identified below), a sub-area is to be chosen, and primary and secondary literature to be studied to elaborate a seminar paper. In one of the areas, the sub-area chosen should be such that a reasonable overview of the state of the art in the research specialisation can be achieved and described, whilst a second area may follow a somewhat wider remit and rely more on secondary literature. The results will be a synopsis and survey of the two respective sub-areas, combined with individual perspective and reflection by the candidate.

Skills: On concluding the module, candidates -can identify relevant primary and secondary research literature in the respective areas chosen by the candidate, forming an insight into the state of the art in an unfamiliar area -can synthesise the state of the art and articulate key research problems and methods in the respective areas chosen by the candidate -are able to evaluate the merits and contributions of research articles in the respective areas chosen by the candidate

Knowledge: On concluding the module, candidates -will be able to summarise the state of the art in the respective areas chosen by the candidate -can outline key methods employed by research in the respective areas chosen by the candidate and state relative merits -can identify main strands of inquiry and key results in the respective areas chosen by the candidate

General Competence: On concluding the module, candidates -can appraise the merit of research methods and quality of research in the sub-areas studied also in relation to the candidate's own specialisation area -is able to cogently discuss the state of the art in the chosen areas for the seminar papers -is able to identify gaps in the state of the art in the respective areas chosen by the candidate

Sustainability will be mandatorily considered as part of the individual reports.

Learning methods and activities

-Lectures -Individual discussions -Seminars -Literature study Compulsory requirements: -Students are required to prepare two papers on one or two of the subject areas covered in the course in coordination with and approved by the lecturer. Both paper topics must be approved by the lecturer, for this students must arrange a meeting at the beginning of the semester. The final papers are to be submitted into the examination system at the date set by the study administration for the current semester; students are encouraged to obtain at least two instances of feedback before the submission.

Specific conditions

Recommended previous knowledge

No pre-requisites, course should normally be taken in the first year of Ph.D. studies.

Course materials

The textbooks, monographs, and research articles are determined by the respective sub-area chosen for the seminar papers and will normally need to reflect the state of the art in the area. The following identifies a small number of seminal papers and texts in selected areas only. Suggested textbooks: -O. Goldreich: Foundations of Cryptography (2 vols.), Cambridge University Press, 2001-2004 -W. Diffie and M. Hellman: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6):644-654 (1976) -R. L. Rivest, A. Shamir,, and L. Adleman: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2):120-126 (1978) -E. Bertino and R. Sandhu: Database Security - Concepts, Approaches, and Challenges. IEEE Transactions on Dependable and Secure Computing 2(1):2-19 (2005) -J. Vaidya and C. Clifton: Privacy-Preserving Decision Trees over Vertically Partitioned Data. ACM Transactions on Knowledge Discovery from Data 2(3):14 (2008) -K. Thompson: Reflections on Trusting Trust Communications of the ACM 27(8):761-763 (1984) -J. Feigenbaum, A. Johnson, and P. Syverson: A Model of Onion Routing with Provable Anonymity" Proceedings of the 11th International Conference Financial Cryptography and Data Security (FC 2007), Vol. 4886 of Lecture Notes in Computer Science. Trinidad/Tobago, Feb. 2007, Springer-Verlag. -E. Peeters, F.-X. Standaert, and J.-J. Quisquater: Power and Electromagnetic Analysis: Improved Model, Consequences, and Comparisons Integration: The VLSI Journal 40(1):52-60 (2007) -D. Agrawal, B. Archambeault, J. R. Rao, and P. Rohatgi: The EM Side-Channel(s) Proceedings of Cryptographic Hardware and Embedded Systems (CHES 2002), Vol. 2523 of Lecture Notes in Computer Science, Lausanne, Switzerland, Sep. 2002, Springer-Verlag. -A. Mishra: Security and Quality of Service in Ad Hoc Wireless Networks, Cambridge University Press, 2010 -S.K. Das, K. Kant, N. Zhang: Handbook on Securing Cyber-Physical Critical Infrastructure. Elsevier, 2012