Course detail

Information System Security

FIT-BISAcad. year: 2017/2018

The course aims to the security goals, security functions, and security mechanisms. The content is: Introduction into information security, basic terms, threats, weak points, security measures, criteria for system security assessment, Common Criteria, data transmission security, operating system and database security, malicious software,  role of cryptography.

Learning outcomes of the course unit

Students will learn basic principles of information systems security. They will learn also terminology, basic security goals, functions, and mechanisms.

Prerequisites

There are no prerequisites

Co-requisites

Not applicable.

Recommended optional programme components

Not applicable.

Recommended or required reading

  • Hanáček, P., Staudek, J.: Bezpečnost informačních systémů, ÚSIS, Praha, 2000, s. 127, ISBN80-238-5400-3
  • Savard, J. J. G.: A Cryptographic Compendium, 2000, dostupné na WWW

  • Stallings, W.: Cryptography and Network Security, Prentice Hall, 1999, ISBN 0-13-869017-0

Planned learning activities and teaching methods

Not applicable.

Assesment methods and criteria linked to learning outcomes

Study evaluation is based on marks obtained for specified items. Minimimum number of marks to pass is 50.

Language of instruction

Czech

Work placements

Not applicable.

Course curriculum

    Syllabus of lectures:
    • Introduction
    • Threats, vulnerabilities
    • Security measures
    • Criteria for system security assessment
    • Common criteria (CC)
    • Security functions
    • Risk analysis
    • Data transmission security
    • Operating system security
    • Database security
    • Web security
    • Smart card applications
    • Role of cryptography

    Syllabus - others, projects and individual work of students:
    1. A homework on security mechanisms.
    2. A homework on applied cryptography.

Aims

The goal is to make students familiar with the basic concepts of information systems security.

Specification of controlled education, way of implementation and compensation for absences

A mid-term exam evaluation and an evaluation of projects.

Classification of course in study plans

  • Programme IT-MGR-2 Master's

    branch MBI , any year of study, winter semester, 5 credits, compulsory-optional
    branch MPV , any year of study, winter semester, 5 credits, compulsory-optional
    branch MGM , any year of study, winter semester, 5 credits, elective
    branch MIS , any year of study, winter semester, 5 credits, compulsory
    branch MBS , any year of study, winter semester, 5 credits, compulsory
    branch MIN , any year of study, winter semester, 5 credits, compulsory-optional
    branch MMI , any year of study, winter semester, 5 credits, elective
    branch MMM , any year of study, winter semester, 5 credits, compulsory-optional
    branch MSK , 2. year of study, winter semester, 5 credits, compulsory

Type of course unit

 

Lecture

39 hours, optionally

Teacher / Lecturer

Syllabus


  • Introduction
  • Threats, vulnerabilities
  • Security measures
  • Criteria for system security assessment
  • Common criteria (CC)
  • Security functions
  • Risk analysis
  • Data transmission security
  • Operating system security
  • Database security
  • Web security
  • Smart card applications
  • Role of cryptography

Project

13 hours, optionally

Teacher / Lecturer

eLearning