Course detail

Information system security

FEKT-HSCeAcad. year: 2015/2016

Basic terms. Cryptography security mechanisms (encrypting, signing, hashing). Communication security mechanisms (filtering methods, spread spectrum methods, error control codes and protocols). Computer security mechanisms (access control, intrusion detection, software protection, data security, backup, audit, emission security). Other security mechanisms. Security policy. Risk analysis and management. Evaluations of the information system security.

Learning outcomes of the course unit

Students obtain knowledge needed to the solution of the information system security.

Prerequisites

The subject knowledge on the Bachelor´s degree level is requested.

Co-requisites

Not applicable.

Recommended optional programme components

Not applicable.

Recommended or required reading

Stallings, W.: Cryptography and Network Security, Prentice Hall, 1999.

Planned learning activities and teaching methods

Teaching methods depend on the type of course unit as specified in the article 7 of BUT Rules for Studies and Examinations.

Assesment methods and criteria linked to learning outcomes

Requirements for completion of a course are specified by a regulation issued by the lecturer responsible for the course and updated for every.

Language of instruction

English

Work placements

Not applicable.

Course curriculum

Lectures:
1. Basic terms.
2. Cryptography protection.
3. Symmetric cryptosystems.
4. Encryptors and key distributions.
5. Asymmetric cryptosystems.
6. Sigital signature and PKI.
7. Secure communications protocols.
8. Attacks on cryptography protections.
9. Attacks on WLAN.
10. Emission security.
11. Block error codes.
12. Convolutional error codes.
13. Protections of communications channels.
14. Spread spectrum channels.
15. Steganography methods.
16. Filtering methods, intrusion detection systems.
17. Password and biometric access controls.
18. Token access control.
19. Computer security.
20. Malicious software.
21. Physical protections.
22. Data back-up.
23. Security management in information systems.
24. Risk analysis and management.
25. Security evaluations of information systems.
26. Security legislature for information systems.

Numerical excercises:
1. Applications of secrecy theory.
2. Applications of symmetric cryptography.
3. Applications of asymmetric cryptography.
4. Applications of secure communication protocols.
5. Applications of emission security.
6. Applications of error codes.
7. Applications of spread spectrum methods.
8. Applications of communications controls.
9. Applications of access methods.
10. Applications of software protections.
11. Physical security in practice.
12. Risk management in practice.
13. Applications of ISO 15408.

Others:
1.-13. Individual projects.

Aims

The goal is to become familiar with basic terms of the information system security, security mechanisms and security evaluation methods.

Specification of controlled education, way of implementation and compensation for absences

The content and forms of instruction in the evaluated course are specified by a regulation issued by the lecturer responsible for the course and updated for every academic year.

Classification of course in study plans

  • Programme EEKR-MN Master's

    branch MN-TIT , 1. year of study, winter semester, 5 credits, optional specialized
    branch MN-KAM , 2. year of study, winter semester, 5 credits, optional interdisciplinary

Type of course unit

 

Lecture

26 hours, optionally

Teacher / Lecturer

Exercise

26 hours, compulsory

Teacher / Lecturer