UINK127 Application Security

Faculty of Philosophy and Science in Opava
Summer 2017
Extent and Intensity
0/0. 3 credit(s). Type of Completion: zk (examination).
Teacher(s)
RNDr. Šárka Vavrečková, Ph.D. (lecturer)
Guaranteed by
doc. Ing. Petr Sosík, Dr.
Institute of Computer Science – Faculty of Philosophy and Science in Opava
Prerequisites
The course is intended for students who already have basic knowledge of computer networks (e.g. from the course "Počítačová síť a Internet") and of programming.
Course Enrolment Limitations
The course is also offered to students of fields other than those the course is directly associated with.
Course objectives
Most applications are developed as web applications. An application that is not developed correctly is very easy prey for people from the hacker community, and a target for industrial espionage. Each application should meet at least these requirements:
* confidentiality
* accessibility
* integrity
The course deals with applying security policies during web application development, and with application-layer security in general.
Syllabus
  1. The legal environment defining application development and application security in the Czech Republic and the EU.
  2. Development of web applications.
  3. Web application firewall: why L7 security is as important as an L4 firewall.
  4. Web application firewall: protection against DoS attacks at L7.
  5. PCI Security standard framework.
Literature
Recommended literature
  • RFC standards.
  • Sdělení ČNB o doporučení pro bezpečnost internetových plateb.
  • The Open Web Application Security Project (OWASP).
  • The PCI Security Standards Council.
  • Zákon č. 101/2000 Sb., o ochraně osobních údajů, ve znění účinném od 1. ledna 2015.
  • Zákon č. 181/2014 Sb., o kybernetické bezpečnosti a příslušné prováděcí předpisy.
  • Jirovský, Václav. Kybernetická kriminalita: nejen o hackingu, crackingu, virech a trojských koních bez tajemství. Praha: Grada, 2007. ISBN 978-80-247-1561-2.
  • Doseděl, Tomáš. Počítačová bezpečnost a ochrana dat. Brno: Computer Press, 2004. ISBN 80-251-0106-1.
Teaching methods
Interactive lecture
Lecture with a video analysis
Assessment methods
Exam
Language of instruction
Czech
Further comments (probably available only in Czech)
The course can also be completed outside the examination period.
Information on the extent and intensity of the course: lecture, 6 hours per semester.
Teacher's information
* 75% attendance in exercises, active participation
* Written and practical exam
The course is also listed under the following terms: Summer 2018, Summer 2019, Summer 2020, Summer 2021, Summer 2022, Summer 2023.
  • Permalink: https://is.slu.cz/course/fpf/summer2017/UINK127