VSFS:B_BI Information Security - Course Information
B_BI Information Security
University of Finance and Administration
Winter 2013
- Extent and Intensity
- 2/0. 6 credit(s). Type of Completion: zk (examination).
- Teacher(s)
- RNDr. Petr Tesař, Ph.D. (lecturer)
- Guaranteed by
- doc. RNDr. Jan Lánský, Ph.D.
Department of Computer Science and Mathematics – Departments – University of Finance and Administration
Contact Person: Dagmar Medová, DiS.
- Timetable of Seminar Groups
- B_BI/pAPH: Wed 15:45–16:29 E122, Wed 16:30–17:15 E122, P. Tesař
B_BI/vAPH: Sat 2. 11. 9:45–11:15 E128, 11:30–13:00 E128, Fri 15. 11. 17:15–18:45 E128, Fri 13. 12. 15:30–17:00 E128, 17:15–18:45 E128, P. Tesař
- Prerequisites
- There are no prerequisites for this course.
- Course Enrolment Limitations
- The course is also offered to the students of the fields other than those the course is directly associated with.
- fields of study / plans the course is directly associated with
- Applied Informatics (programme VSFS, B-INF) (2)
- Course objectives
- After completing the course, the student will be able to handle the basic theory, legislative framework and practical approaches to information protection. The student will have a deeper knowledge of the means used in the field of cryptographic protection of information.
- Syllabus
- 3.1 Basics of Information Security - definitions of basic terms, why deal with security, how to deal with security, security features, security mechanisms, security policies.
3.2 Legislative framework - the classification of sensitive information, the Act on the Protection of Classified Information and Security, the Law on Personal Data Protection, the Law on Electronic Communications, the Commercial Code, the law on capital market, the law on electronic signature.
3.3 Standards in the field of information security - the ISO 27k family.
3.4 Information Security Management System - security management, ISMS, PDCA cycle, documentation.
3.5 History and mathematical foundations of cryptography - basic definitions, history, classical ciphers, Shannon's theory of cipher security.
3.6 Complexity and primality in cryptology - the Turing machine, complexity classes, prime numbers and their properties, primes in cryptology.
3.7 Modern symmetric ciphers - definition, construction elements of modern symmetric ciphers, linear feedback registers, substitution boxes (S-boxes), stream ciphers, block ciphers.
3.8 Block ciphers DES and AES - description of DES, DES modes of operation, cryptanalytic attacks on DES, description of AES.
3.9 Asymmetric cryptography - definition, the use of asymmetric algorithms, list of algorithms related to NP problems, RSA, ElGamal, elliptic curve cryptography.
3.10 PKI and digital signature - definition of PKI, PKI layers, definition and use of hash algorithms, MD5, the SHA-x family, the electronic signature.
3.11 RNG and cryptographic protocols - classification of random number generators, advantages and disadvantages of each type, testing random sequences, RNG in cryptography, classification of cryptographic protocols, Diffie-Hellman protocol, Rivest-Shamir protocol, Shamir's secret sharing protocol, PKCS standards.
3.12 Microsoft and cryptography - server operating systems, MS Windows workstation OS, MS Office, TrueCrypt.
Literature
Required:
Act No. 412/2005 Coll., on the Protection of Classified Information and Security Eligibility
Act No. 101/2000 Coll., on the Protection of Personal Data
Act No. 127/2005 Coll., on Electronic Communications
Act No. 513/1991 Coll., Commercial Code
Act No. 256/2004 Coll., on Business Activities on the Capital Market
Act No. 227/2000 Coll., on Electronic Signature
ISO/IEC 27001:2005 Specification for an Information Security Management System
P. Hanáček, J. Staudek: Bezpečnost informačních systémů, ÚSIS Praha, 2000
J. Přibyl, J. Kodl: Ochrana dat v informatice, Vydavatelství ČVUT, 1996
E. Ochodková: Matematické základy kryptografických algoritmů, 2011, available at http://mi21.vsb.cz
L. Dostálek et al.: Velký průvodce protokoly TCP/IP: Bezpečnost, Computer Press, Praha, 2001
FIPS-197: Advanced Encryption Standard (AES), NIST 2001
Recommended:
ISO/IEC 27002:2005 Code of practice for information security management
A. J. Menezes, P. C. van Oorschot, S. A. Vanstone: Handbook of Applied Cryptography, CRC Press, 1996, available on the Internet.
MS-OFFCRYPTO: Office Document Cryptography Structure Specification
2007 Microsoft Office System Document Encryption
N. Ferguson: AES-CBC + Elephant diffuser: A Disk Algorithm for Windows Vista, Microsoft, August 2006
K. Eisenkolb, M. Gokhan, H. Weickardt: Bezpečnost Windows 2000/XP, Computer Press Praha 2003
- Literature
- See Syllabus
- Teaching methods
- Lectures and self-study.
- Assessment methods
- The course is completed by an exam, which consists of a written and an oral examination. The written part consists of 5 ranking examples. The written part is scored and the mark is taken into account in the overall assessment. To pass the written part, the student needs to get at least 40% of the points. Passing the written part is a necessary condition for access to the oral examination, which consists of two questions and covers the whole range of topics of the subject area. To pass the oral examination, the student is required to answer at least two questions with an evaluation of E.
- Language of instruction
- Czech
- Further comments (probably available only in Czech)
- The course can also be completed outside the examination period.
General note: Cd1.
Information on the extent and intensity of the course: 10 hours KS/semester.
- Permalink: https://is.vsfs.cz/course/vsfs/winter2013/B_BI