Veranstaltung

Content:

Access control systems are everywhere and the backbone of secure services as they incorporate who is and who is not authorized: think of operating systems, information systems, banking, vehicles, robotics, cryptocurrencies, or decentralized applications as examples. The course starts with current challenges of access control in the era of hyperconnectivity, i.e., in cyber-physical or decentralized systems. Based on the derived needs for next generation access control, we first study how to specify access control and analyze strengths and weaknesses of various approaches. We then focus on up-to-date proposals, like IoT and AI access control. We look at current cryptographic access control aspects, blockchains and cryptocurrencies, and trusted execution environments. We also discuss the ethical dimension of access management. Students prepare for lecture and exercise sessions by studying previously announced literature and by preparation of exercises that are jointly discussed in the sessions.

Competency Goals:

·       The student understands the challenges of access control in the era of hyperconnectivity.

·       The student understands that an information security model defines access rights that express for a given system which subjects are allowed to perform which actions on which objects. The student understands that a system is said to be secure with respect to a given information security model, if it enforces the corresponding access rights.

·       The student is able to derive suitable access control models from scenario requirements and is able to specify concrete access control systems. The student is able to decide which concrete architectures and protocols are technically suited for realizing a given access control model.

·       The student knows access control protocols using cryptographic methods and is able to compare protocol realizations based on different cryptographic building blocks.

·       The student is aware of the limits of access control models and systems with respect to their analyzability and performance and security characteristics. The student is able to identify the resulting tradeoffs.

·       The student knows the state of the art with respect to current research endeavors, e.g., access control in the context of decentralized and distributed systems, Trusted Execution Environments, AI, robotics, or hash-chain based systems.

Workload:

1.Attendance time

Lecture: 2 SWS: 2,0h x 15 = 30h

Exercises: 1 SWS: 1,0h x 15 = 15h

2.Self-study (e.g., independent review of course material, work on homework assignments)

Weeklypreparation and follow-up ofthelecture: 15 x 1h x 3 = 45h

Weeklypreparation and follow-up oftheexercise: 15 x 2h = 30h

3.Preparation for the exam: 30h

 Σ = 150h = 5 ECTS

Competency certificate:

 Depending on the number of participants, it will be announced six weeks before the examination (§ 6 Abs. 3 SPO) whether the examination takes place

·       in the form of an oral examination lasting 20 minutes pursuant to § 4 Abs. 2 Nr. 2 SPO or

·       in the form of a written examination lasting 60 minutes in accordance with § 4 Abs. 2 Nr. 1 SPO.

Recommendations:

Basics according to the lectures "IT Security Management for Networked Systems" and "Telematics" are recommended.

Duration: One terms