Course detail
Information System Security
FEKT-MBISAcad. year: 2019/2020
Modern civilization depends on a correct functioning of information systems. Significant attention must therefore be paid to the security of these systems. On completing the course, students will have a thorough overview of possible methods of securing an information system. Lectures are mainly dedicated to explaining the functioning of cryptography protections, communication protections, access control techniques, and computer protections. Exercises are computational ones and are dedicated to strengthening the theoretical knowledge and to considering quantitatively the different types of protection.
Supervisor
Department
Learning outcomes of the course unit
A student who completes the course will be able to:
• explain the principles of symmetric cryptosystems,
• explain the principles of asymmetric cryptosystems,
• explain the principles of the functioning of communication protections,
• explain the principles of the functioning of access control systems,
• explain the principles of the functioning of computer protections,
• explain the principles of emission protections,
• explain the principles of security evaluation.
Prerequisites
No special knowledge is required.
Co-requisites
Not applicable.
Recommended optional programme components
Not applicable.
Recommended or required reading
BURDA, K. Bezpečnost informačních systémů. Brno: Vysoké učení technické v Brně, 2013. (CS)
Stallings, W.: Cryptography and Network Security. Prentice Hall, 2006. (EN)
Hanáček, P. - Staudek, J.: Bezpečnost informačních systémů. Úřad pro státní informační systém, Praha 2000. (CS)
Planned learning activities and teaching methods
Techning methods include lectures and numerical excercises. Course is taking advantage of e-learning system.
Assesment methods and criteria linked to learning outcomes
10 points can be obtained for fulfilling the tasks in computational exercises and 90 points can be obtained for the examination. The examination is a written one and it is to check whether the student is able to explain the principles of different types of securing information systems.
Language of instruction
Czech
Work placements
Not applicable.
Course curriculum
Lectures:
1. Basic terms.
2. Symmetric cryptosystems.
3. Asymmetric cryptosystems.
4. Protocols for secure communication.
5. Codes for error detection and correction.
6. Protection of communication channels.
7. Filtering methods and intrusion detection systems.
8. Access control.
9. Computer security.
10. Emission security.
11. Information security evaluation.
12. Physical security.
13. Prospective evolutionary trends.
Computational exercises:
1. Introduction to cryptography.
2. Examples of symmetric cryptosystems.
3. Examples of asymmetric cryptosystems.
4. Examples of protocols for secure communication.
5. Examples of codes for error detection and correction.
6. Examples of communication channel protections.
7. Examples of filtering methods and intrusion detection system.
8. Examples of access control systems.
9. Examples of computer protections.
10. Examples of emission security techniques.
11. Methods of information security evaluation.
12. Designing physical security.
13. Credit exercise.
Aims
The goal of the course is to provide students with a good insight into the branch of information system security.
Specification of controlled education, way of implementation and compensation for absences
Computational exercises are obligatory.
Classification of course in study plans
- Programme EEKR-M1 Master's
branch M1-TIT , 1. year of study, winter semester, 5 credits, optional specialized
branch M1-KAM , 2. year of study, winter semester, 5 credits, optional interdisciplinary - Programme EEKR-CZV lifelong learning
branch ET-CZV , 1. year of study, winter semester, 5 credits, optional specialized