Information System Security
ÚSI-RTBISAcad. year: 2020/2021
The course is focused on security goals, security functions, and security mechanisms. The course covers the following areas: An introduction to information system security, basic terms, threats, weak points, security measures, the criteria for system security assessment, Common Criteria, data transmission security, operating system and database security, malicious software, and the role of cryptography in information security.
Learning outcomes of the course unit
Students will learn about the basic principles of information system security. They will also gain knowledge regarding terminology, basic security goals, functions, and mechanisms.
Recommended optional programme components
Recommended or required reading
Stallings, W.: Cryptography and Network Security, Prentice Hall, 1999, ISBN 0-13-869017-0
Hanáček, P., Staudek, J.: Bezpečnost informačních systémů, ÚSIS, Praha, 2000, s. 127, ISBN80-238-5400-3
Savard, J. J. G.: A Cryptographic Compendium, 2000, dostupné na WWW
Planned learning activities and teaching methods
Tuition takes place via lectures and seminars. The lectures focus on the explanation of basic principles, the methods of the given discipline, problems and example solutions.
Assesment methods and criteria linked to learning outcomes
The knowledge and skills of students are assessed from their work on projects and by the final examination.
Language of instruction
1. Introduction, basic terminology.
2. Threats, vulnerabilities.
3. Security measures, security policy.
4. Criteria for system security assessment.
5. Common Criteria (CC).
6. Security functions.
7. Risk analysis.
8. Data transmission security.
9. Operating system security.
10. Web security.
11. Database security.
12. Smart card applications.
13. The role of cryptography in information security.
The goal is to make students familiar with the basic concepts of information system security.
Specification of controlled education, way of implementation and compensation for absences