Course details
Information System Security
BIS Acad. year 2017/2018 Winter semester 5 credits
The course covers security goals, security functions, and security mechanisms. Content: introduction to information security, basic terms, threats, weak points, security measures, criteria for system security assessment, Common Criteria, data transmission security, operating system and database security, malicious software, and the role of cryptography.
Guarantor
Language of instruction
Completion
Time span
- 39 hrs lectures
- 13 hrs projects
Assessment points
- 70 pts final exam (1 pts written part, 1 pts test part)
- 15 pts mid-term test (1 pts written part, 1 pts test part)
- 15 pts projects
Department
Subject specific learning outcomes and competences
Students will learn the basic principles of information systems security. They will also learn the terminology and the basic security goals, functions, and mechanisms.
Learning objectives
The goal is to make students familiar with the basic concepts of information systems security.
Prerequisite knowledge and skills
There are no prerequisites.
Study literature
- Hanáček, P., Staudek, J.: Bezpečnost informačních systémů, ÚSIS, Praha, 2000, p. 127, ISBN 80-238-5400-3
- Savard, J. J. G.: A Cryptographic Compendium, 2000, available on the WWW
Fundamental literature
- Stallings, W.: Cryptography and Network Security, Prentice Hall, 1999, ISBN 0-13-869017-0
Syllabus of lectures
- Introduction
- Threats, vulnerabilities
- Security measures
- Criteria for system security assessment
- Common criteria (CC)
- Security functions
- Risk analysis
- Data transmission security
- Operating system security
- Database security
- Web security
- Smart card applications
- Role of cryptography
Progress assessment
Study evaluation is based on marks obtained for specified items. The minimum number of marks to pass is 50.
Controlled instruction
A mid-term exam evaluation and an evaluation of projects.
Course inclusion in study plans