Applied Informatics - Information Security

Content
  • Basics and concepts of information security
  • Understanding the protection objectives of information security and various attack models (including associated assumptions)
  • Introduction of measures to achieve the respective protection goals, taking into account different attack models
  • Note: In contrast to the IT Security lecture, measures such as encryption algorithms are treated only abstractly, i.e. the idea of the measure and the assumptions about the attacker and the deployment environment.
  • Presentation and analysis of problems of information security arising from human-machine interaction and presentation of the Human Centered Security by Design approach.
  • Introduction to organisational protective measures and standards to be observed by companies

Learning objectives:

The student

  • can explain the basics of information security
  • knows suitable measures to achieve different protection goals
  • can assess the quality of organisational protective measures, i.e. knows, among other things, what has to be taken into account when using the individual measures
  • understands the differences between information security in the organisational and in the private context
  • knows the areas of application of different standards and knows their weaknesses
  • knows and can explain the problems of information security that arise from human-machine interaction
  • is able to deal critically with reports about discovered security problems.

This course can also be credited towards the KASTEL certificate. Further information about obtaining the certificate can be found on the SECUSO website (https://secuso.aifb.kit.edu/Studium_und_Lehre.php).

Bibliography
  • P. Gerber, M. Ghiglieri, B. Henhapl, O. Kulyk, K. Marky, P. Mayer, B. Reinheimer, and M. Volkamer, Human Factors in Security. Springer, Jan. 2018, pp. 83–98.
  • C. Eckert, IT-Sicherheit: Konzepte-Verfahren-Protokolle. Walter de Gruyter, 2013.