Course detail

Information System Security

FEKT-MBIS

Acad. year: 2018/2019

Modern civilization depends on the correct functioning of information systems. Significant attention must therefore be paid to the security of these systems. On completing the course, students will have a thorough overview of possible methods of securing an information system. Lectures are mainly dedicated to explaining how cryptographic protections, communication protections, access control techniques, and computer protections work. Exercises are computational and are dedicated to reinforcing theoretical knowledge and to quantitatively assessing the different types of protection.

Language of instruction

Czech

Number of ECTS credits

5

Mode of study

Not applicable.

Learning outcomes of the course unit

A student who completes the course will be able to:
• explain the principles of symmetric cryptosystems,
• explain the principles of asymmetric cryptosystems,
• explain the principles of the functioning of communication protections,
• explain the principles of the functioning of access control systems,
• explain the principles of the functioning of computer protections,
• explain the principles of emission protections,
• explain the principles of security evaluation.

Prerequisites

No special knowledge is required.

Co-requisites

Not applicable.

Planned learning activities and teaching methods

Teaching methods include lectures and numerical exercises. The course makes use of an e-learning system.

Assessment methods and criteria linked to learning outcomes

Up to 10 points can be obtained for completing the tasks in the computational exercises and up to 90 points for the examination. The examination is written and checks whether the student is able to explain the principles of the different types of information system protection.

Course curriculum

Lectures:
1. Basic terms.
2. Symmetric cryptosystems.
3. Asymmetric cryptosystems.
4. Protocols for secure communication.
5. Codes for error detection and correction.
6. Protection of communication channels.
7. Filtering methods and intrusion detection systems.
8. Access control.
9. Computer security.
10. Emission security.
11. Information security evaluation.
12. Physical security.
13. Prospective evolutionary trends.

Computational exercises:
1. Introduction to cryptography.
2. Examples of symmetric cryptosystems.
3. Examples of asymmetric cryptosystems.
4. Examples of protocols for secure communication.
5. Examples of codes for error detection and correction.
6. Examples of communication channel protections.
7. Examples of filtering methods and intrusion detection systems.
8. Examples of access control systems.
9. Examples of computer protections.
10. Examples of emission security techniques.
11. Methods of information security evaluation.
12. Designing physical security.
13. Credit exercise.

Work placements

Not applicable.

Aims

The goal of the course is to provide students with a good insight into the branch of information system security.

Specification of controlled education, way of implementation and compensation for absences

Computational exercises are obligatory.

Recommended optional programme components

Not applicable.

Prerequisites and corequisites

Not applicable.

Basic literature

BURDA, K. Bezpečnost informačních systémů. Brno: Vysoké učení technické v Brně, 2013. (CS)

Recommended reading

Not applicable.

Classification of course in study plans

  • Programme EEKR-M Master's

    branch M-KAM, 2nd year of study, winter semester, elective interdisciplinary
    branch M-TIT, 1st year of study, winter semester, elective specialised

  • Programme EEKR-CZV lifelong learning

    branch EE-FLE, 1st year of study, winter semester, elective specialised

Type of course unit

 

Lecture

26 hours, optional

Teacher / Lecturer

Syllabus

1. Basic terms.
2. Symmetric cryptosystems.
3. Asymmetric cryptosystems.
4. Secure communications protocols.
5. Emission security.
6. Error codes.
7. Protections of communications channels.
8. Filtering methods, intrusion detection systems.
9. Access control methods.
10. Computer security.
11. Physical protections.
12. Security management in information systems.
13. Security evaluations of information systems.

Fundamentals seminar

26 hours, compulsory

Teacher / Lecturer

Syllabus

1. Applications of secrecy theory.
2. Applications of symmetric cryptography.
3. Applications of asymmetric cryptography.
4. Applications of secure communication protocols.
5. Applications of emission security.
6. Applications of error codes.
7. Applications of spread spectrum methods.
8. Applications of communications controls.
9. Applications of access methods.
10. Applications of software protections.
11. Physical security in practice.
12. Risk management in practice.
13. Applications of ISO 15408.