Information System Security
ÚSI-2ICBSAcad. year: 2018/2019
The course aims to the security goals, security functions, and security mechanisms. The content of the course is: Introduction into information security, basic terms, threats, weak points, security measures, criteria for system security assessment, Common Criteria, data transmission security, operating system and database security, malicious software, role of cryptography in information security.
Learning outcomes of the course unit
Students will learn basic principles of information security system. They will also learn the terminology, basic security goals, functions, and mechanisms.
Recommended optional programme components
Recommended or required reading
Stallings, W.: Cryptography and Network Security, Prentice Hall, 1999, ISBN 0-13-869017-0
Hanáček, P., Staudek, J.: Bezpečnost informačních systémů, ÚSIS, Praha, 2000, s. 127, ISBN80-238-5400-3
Savard, J. J. G.: A Cryptographic Compendium, 2000, dostupné na WWW
Planned learning activities and teaching methods
Teaching is carried out through lectures that consist of interpretations of basic principles, methodology of given discipline, problems and their exemplary solutions.
Assesment methods and criteria linked to learning outcomes
The knowledge and skills of students are verified by developing projects and by the final examination.
Language of instruction
1. Introduction, basic terminology.
2. Threats, vulnerabilities.
3. Security measures, Security policy.
4. Criteria for system security assessment.
5. Common Criteria (CC).
6. Security functions.
7. Risk analysis.
8. Data transmission security.
9. Operating system security.
10. Web security.
11. Database security.
12. Smart card applications.
13. Role of cryptography in information security.
The goal is to make students familiar with the basic concepts of information security system.
Specification of controlled education, way of implementation and compensation for absences