FPF:UIINK45 Application Security - Course Information
UIINK45 Application Security
Faculty of Philosophy and Science in Opava
Summer 2020
- Extent and Intensity
- 10/0/0. 4 credit(s). Type of Completion: zk (examination).
- Guaranteed by
- Institute of Computer Science – Faculty of Philosophy and Science in Opava
- Prerequisites (in Czech)
- TYP_STUDIA(B)
- Course Enrolment Limitations
- The course is offered to students of any study field.
- Course objectives
- Currently, most applications are developed as web applications. An application that is not properly developed is an easy target for attacks by the hacking community (a term we use here to cover an individual's interest in misusing information, industrial espionage, and espionage itself). Each application should meet at least the following requirements: confidentiality, availability, and integrity. This course focuses primarily on applying security principles in web application development, and more generally on security at the application layer of the ISO/OSI reference model.
- Learning outcomes
- Students will be able to:
- describe general recommendations based on EU standards;
- summarize the development process of web applications;
- compare and highlight the differences between protection against DoS attacks on the seventh layer of the OSI model and protection against DoS attacks on the fourth layer of the OSI model;
- Syllabus
- 1. The legal environment defining application development and application security in the Czech Republic and the EU.
- 2. Development of web applications.
- 3. Web application firewall - why L7 security is as important as L4 firewall.
- 4. Web application firewall - DoS attacks protection on L7.
- 5. PCI Security standard framework.
- Literature
- recommended literature
- RFC standards [online].
- The PCI Security Standards Council [online].
- Act No. 101/2000 Coll., on the Protection of Personal Data, as in effect from 1 January 2015.
- Act No. 181/2014 Coll., on Cyber Security, and the related implementing regulations.
- National Cyber and Information Security Agency [online]. Available at: https://www.govcert.cz/cs/zkb/legislativa/
- Jirovský, Václav. Kybernetická kriminalita: nejen o hackingu, crackingu, virech a trojských koních bez tajemství. Praha: Grada, 2007. ISBN 978-80-247-1561-2.
- Doseděl, Tomáš. Počítačová bezpečnost a ochrana dat. Brno: Computer Press, 2004. ISBN 80-251-0106-1.
- Teaching methods
- Interactive lectures
- Tutorials in computer class
- Assessment methods
- Credit: a practical form of verification of study results. Exam: a written form of verification of study results.
- Language of instruction
- Czech
- Further comments (probably available only in Czech)
- The course can also be completed outside the examination period.
Information on the extent and intensity of the course: Lecture, 10 hours per semester.
- Permalink: https://is.slu.cz/course/fpf/summer2020/UIINK45