Course detail

Information System Security

FEKT-MBISAcad. year: 2018/2019

Modern civilization depends on a correct functioning of information systems. Significant attention must therefore be paid to the security of these systems. On completing the course, students will have a thorough overview of possible methods of securing an information system. Lectures are mainly dedicated to explaining the functioning of cryptography protections, communication protections, access control techniques, and computer protections. Exercises are computational ones and are dedicated to strengthening the theoretical knowledge and to considering quantitatively the different types of protection.

Learning outcomes of the course unit

A student who completes the course will be able to:
• explain the principles of symmetric cryptosystems,
• explain the principles of asymmetric cryptosystems,
• explain the principles of the functioning of communication protections,
• explain the principles of the functioning of access control systems,
• explain the principles of the functioning of computer protections,
• explain the principles of emission protections,
• explain the principles of security evaluation.

Prerequisites

No special knowledge is required.

Co-requisites

Not applicable.

Recommended optional programme components

Not applicable.

Recommended or required reading

BURDA, K. Bezpečnost informačních systémů. Brno: Vysoké učení technické v Brně, 2013. (CS)
Stallings, W.: Cryptography and Network Security. Prentice Hall, 2006. (EN)
Hanáček, P. - Staudek, J.: Bezpečnost informačních systémů. Úřad pro státní informační systém, Praha 2000. (CS)

Planned learning activities and teaching methods

Techning methods include lectures and numerical excercises. Course is taking advantage of e-learning system.

Assesment methods and criteria linked to learning outcomes

10 points can be obtained for fulfilling the tasks in computational exercises and 90 points can be obtained for the examination. The examination is a written one and it is to check whether the student is able to explain the principles of different types of securing information systems.

Language of instruction

Czech

Work placements

Not applicable.

Course curriculum

Lectures:
1. Basic terms.
2. Symmetric cryptosystems.
3. Asymmetric cryptosystems.
4. Protocols for secure communication.
5. Codes for error detection and correction.
6. Protection of communication channels.
7. Filtering methods and intrusion detection systems.
8. Access control.
9. Computer security.
10. Emission security.
11. Information security evaluation.
12. Physical security.
13. Prospective evolutionary trends.

Computational exercises:
1. Introduction to cryptography.
2. Examples of symmetric cryptosystems.
3. Examples of asymmetric cryptosystems.
4. Examples of protocols for secure communication.
5. Examples of codes for error detection and correction.
6. Examples of communication channel protections.
7. Examples of filtering methods and intrusion detection system.
8. Examples of access control systems.
9. Examples of computer protections.
10. Examples of emission security techniques.
11. Methods of information security evaluation.
12. Designing physical security.
13. Credit exercise.

Aims

The goal of the course is to provide students with a good insight into the branch of information system security.

Specification of controlled education, way of implementation and compensation for absences

Computational exercises are obligatory.

Classification of course in study plans

  • Programme EEKR-M1 Master's

    branch M1-TIT , 1. year of study, winter semester, 5 credits, optional specialized
    branch M1-KAM , 2. year of study, winter semester, 5 credits, optional interdisciplinary

  • Programme EEKR-CZV lifelong learning

    branch ET-CZV , 1. year of study, winter semester, 5 credits, optional specialized

Type of course unit

 

Lecture

26 hours, optionally

Teacher / Lecturer

Exercise

26 hours, compulsory

Teacher / Lecturer