IT Security Modelling, covering these topics:
- IT security analysis method
- formal IT security models
- mobile security framework
- Android permission model
- Common Criteria Security Evaluation Method
The students will learn basics of how to analyse the IT security of IT applications and their enviromental settings. One established method is the mathematical modelling method. This session will cover several models including the Bell La Padula model for mandatory access control as well as the Lambson method of discretionary access control. A modern challenge of electronic communication is mobility of customers and services.This raises sepcial security concerns whic are addressed in this session. A special problem is the permission of mobile equipment to use other activities of the mobile equipment. How Android's permission model solves this problem will be addressed in this session. Finally, a specific problem is the evaluation of IT products. The Common Criteria standard gives guidelines to evluate and certify the security of IT products. The session will present the Common Criteria standard method.