FPF:UIAI027 Security of Information System - Course Information
UIAI027 Security of Information Systems
Faculty of Philosophy and Science in OpavaSummer 2014
- Extent and Intensity
- 2/0/0. 4 credit(s). Type of Completion: zk (examination).
- Teacher(s)
- doc. Ing. Petr Čermák, Ph.D. (lecturer)
- Guaranteed by
- doc. Ing. Petr Čermák, Ph.D.
Institute of Computer Science – Faculty of Philosophy and Science in Opava - Course Enrolment Limitations
- The course is also offered to the students of the fields other than those the course is directly associated with.
- fields of study / plans the course is directly associated with
- Applied Computer Science (programme FPF, B1802 AplI)
- Course objectives
- This course brings how to solve security of IS. Explains design, risks, attacks and policies and how to prevent and also are students acquainted with norms and security tools. IS is described as a unit and each component represents potential risk. The course also brings knowledges about distributed systems, cryptography and LAN/WAN security with actual news and reviews.
- Syllabus
- 1. Introduction - Information and information system, Classification of systems, roles of IS, HW and SW for IS, data and human factor for security level
2. Basic terms and their definitions and roles - IS, authorization, authentication, vulnerability and its core (HW, SW, human, data). Threat and its characteristics. Security attack. Risk and proactive security, mechanisms and functions.
3. Security policies - Information and system policy, data and information prevention policy. Types of security policies, plans of backup and restore after attack. Norms for IS security (ČSN ISO/IEC TR 13335-1 - 4).
4. Risk and its analysis - analysis, determining IS core, identification of activities. Determining of vulnerability and loss, designing security functions and savings prediction. Standard ISO/IEC TR 13335.
5. Distributed systems and their security - Standard (ISO 7498-2 ISO/OSI Security Architecture), security mechanisms. Parts and services of distributed systems.
6. Security technologies - IDS (Intrusion Detection System), role and strategy of IDS, IDS types and their structure
7. Cryptographic systems - basic terms (cryptography, encrypting, decrypting), cryptographic methods, types of cryptography. Types of cryptographic algorithms and secure cryptographic mechanisms.
8. Electronic signature - principle, definition and security. Trustworthy signature, authorities, electronic certificate, PKI. Legal definition and norms of information security.
9. Security of communication processes - IS and distributed environment, intranet, Internet. TCP/IP architecture and security mechanisms, description of secure environment decomposed into layers (protocols).
10. LAN security - basic types of attacks, firewalls, IDS, UTM
11. Trends in security - attacks, news and reviews
- 1. Introduction - Information and information system, Classification of systems, roles of IS, HW and SW for IS, data and human factor for security level
- Language of instruction
- Czech
- Further Comments
- The course can also be completed outside the examination period.
- Teacher's information
- * 75% attendance in exercises, active participation
* 30 points from seminar work, 70 points exam
- Enrolment Statistics (Summer 2014, recent)
- Permalink: https://is.slu.cz/course/fpf/summer2014/UIAI027