UIAI027 Security of Information Systems

Faculty of Philosophy and Science in Opava
Summer 2016
Extent and Intensity
2/0/0. 4 credit(s). Type of Completion: zk (examination).
Teacher(s)
doc. Ing. Petr Čermák, Ph.D. (lecturer)
Guaranteed by
doc. Ing. Petr Čermák, Ph.D.
Institute of Computer Science – Faculty of Philosophy and Science in Opava
Course Enrolment Limitations
The course is also offered to the students of the fields other than those the course is directly associated with.
Course objectives
This course covers how to address the security of information systems (IS). It explains design, risks, attacks and policies and how to prevent them, and acquaints students with norms and security tools. The IS is described as a unit in which each component represents a potential risk. The course also provides knowledge of distributed systems, cryptography and LAN/WAN security, along with current news and reviews.
Syllabus
    1. Introduction - Information and information systems, classification of systems, roles of IS, HW and SW for IS, data and the human factor for security level.
    2. Basic terms and their definitions and roles - IS, authorization, authentication, vulnerability and its core (HW, SW, human, data). Threat and its characteristics. Security attack. Risk and proactive security, mechanisms and functions.
    3. Security policies - Information and system policy, data and information prevention policy. Types of security policies, plans of backup and restore after attack. Norms for IS security (ČSN ISO/IEC TR 13335-1 - 4).
    4. Risk and its analysis - analysis, determining the IS core, identification of activities. Determining vulnerability and loss, designing security functions and savings prediction. Standard ISO/IEC TR 13335.
    5. Distributed systems and their security - Standard (ISO 7498-2 ISO/OSI Security Architecture), security mechanisms. Parts and services of distributed systems.
    6. Security technologies - IDS (Intrusion Detection System), role and strategy of IDS, IDS types and their structure.
    7. Cryptographic systems - basic terms (cryptography, encryption, decryption), cryptographic methods, types of cryptography. Types of cryptographic algorithms and secure cryptographic mechanisms.
    8. Electronic signature - principle, definition and security. Trustworthy signature, authorities, electronic certificate, PKI. Legal definition and norms of information security.
    9. Security of communication processes - IS and distributed environment, intranet, Internet. TCP/IP architecture and security mechanisms, description of a secure environment decomposed into layers (protocols).
    10. LAN security - basic types of attacks, firewalls, IDS, UTM.
    11. Trends in security - attacks, news and reviews.
Teaching methods
Interactive lecture
Lecture with a video analysis
Assessment methods
Exam
Language of instruction
Czech
Further comments (probably available only in Czech)
The course can also be completed outside the examination period.
Teacher's information
* 75% attendance in exercises, active participation
* 30 points from seminar work, 70 points exam
The course is also listed under the following terms: Summer 2013, Summer 2014, Summer 2015, Summer 2017, Summer 2018, Summer 2019, Summer 2020, Summer 2021.
  • Permalink: https://is.slu.cz/course/fpf/summer2016/UIAI027