Course detail
Information system security
FEKT-HSCe
Acad. year: 2015/2016
Basic terms. Cryptography security mechanisms (encrypting, signing, hashing). Communication security mechanisms (filtering methods, spread spectrum methods, error control codes and protocols). Computer security mechanisms (access control, intrusion detection, software protection, data security, backup, audit, emission security). Other security mechanisms. Security policy. Risk analysis and management. Evaluations of the information system security.
Supervisor
Department
Learning outcomes of the course unit
Students obtain the knowledge needed for solving problems of information system security.
Prerequisites
Subject knowledge at the Bachelor's degree level is required.
Co-requisites
Not applicable.
Recommended optional programme components
Not applicable.
Recommended or required reading
Stallings, W.: Cryptography and Network Security, Prentice Hall, 1999.
Planned learning activities and teaching methods
Teaching methods depend on the type of course unit as specified in Article 7 of the BUT Rules for Studies and Examinations.
Assessment methods and criteria linked to learning outcomes
Requirements for completion of a course are specified by a regulation issued by the lecturer responsible for the course and updated for every.
Language of instruction
English
Work placements
Not applicable.
Course curriculum
Lectures:
1. Basic terms.
2. Cryptography protection.
3. Symmetric cryptosystems.
4. Encryptors and key distributions.
5. Asymmetric cryptosystems.
6. Digital signature and PKI.
7. Secure communications protocols.
8. Attacks on cryptography protections.
9. Attacks on WLAN.
10. Emission security.
11. Block error codes.
12. Convolutional error codes.
13. Protections of communications channels.
14. Spread spectrum channels.
15. Steganography methods.
16. Filtering methods, intrusion detection systems.
17. Password and biometric access controls.
18. Token access control.
19. Computer security.
20. Malicious software.
21. Physical protections.
22. Data back-up.
23. Security management in information systems.
24. Risk analysis and management.
25. Security evaluations of information systems.
26. Security legislation for information systems.
Numerical exercises:
1. Applications of secrecy theory.
2. Applications of symmetric cryptography.
3. Applications of asymmetric cryptography.
4. Applications of secure communication protocols.
5. Applications of emission security.
6. Applications of error codes.
7. Applications of spread spectrum methods.
8. Applications of communications controls.
9. Applications of access methods.
10. Applications of software protections.
11. Physical security in practice.
12. Risk management in practice.
13. Applications of ISO 15408.
Others:
1.-13. Individual projects.
Aims
The goal is to become familiar with the basic terms of information system security, security mechanisms and security evaluation methods.
Specification of controlled education, way of implementation and compensation for absences
The content and forms of instruction in the evaluated course are specified by a regulation issued by the lecturer responsible for the course and updated for every academic year.