B_BI Information Security

University of Finance and Administration
Winter 2014
Extent and Intensity
2/0. 6 credit(s). Type of Completion: zk (examination).
Teacher(s)
RNDr. Petr Tesař, Ph.D. (seminar tutor)
Guaranteed by
doc. RNDr. Jan Lánský, Ph.D.
Department of Computer Science and Mathematics – Departments – University of Finance and Administration
Contact Person: Tamara Urbánková
Timetable of Seminar Groups
B_BI/pAPH: Tue 17:30–18:14 E228, Tue 18:15–19:00 E228, P. Tesař
Prerequisites
There are no prerequisites for this course.
Course Enrolment Limitations
The course is also offered to students of fields other than those the course is directly associated with.
fields of study / plans the course is directly associated with
Course objectives
After completing the course, the student will be able to handle the basic theory, legislative framework and practical approaches to information protection. The student will also have a deeper knowledge of the means used in the field of cryptographic protection of information.
Syllabus
  • 3.1 Basics of Information Security - definitions of basic terms, why deal with security, how to deal with safety, security features, security mechanisms, security policies.
  • 3.2 Legislative framework - the classification of sensitive information, the Act on the Protection of Classified Information and Security, the Law on Personal Data Protection, the Law on Electronic Communications, the Commercial Code, the law on capital market, the law on electronic signature.
  • 3.3 Standards in the field of information security - the ISO 27k family.
  • 3.4 Information Security Management System - Safety Management, ISMS, PDCA cycle, documentation.
  • 3.5 History and mathematical foundations of cryptography - basic definitions, history, classical ciphers, Shannon's theory of cipher security.
  • 3.6 Complexity and primality in cryptology - the Turing machine, complexity classes, properties of primes, primes in cryptology.
  • 3.7 Modern symmetric ciphers - definition, construction elements of modern symmetric ciphers, linear feedback registers, substitution boxes (S-boxes), stream ciphers, block ciphers.
  • 3.8 Block ciphers DES and AES - description of DES, DES modes of operation, cryptanalytic attacks on DES, AES description.
  • 3.9 Asymmetric cryptography - the definition, the use of asymmetric algorithms, list of algorithms related to NP problems, RSA, ElGamal, elliptic curve cryptography.
  • 3.10 PKI and digital signature - definition of PKI, PKI layer, definition and use of hash algorithms, MD5, SHA-X class, the electronic signature.
  • 3.11 RNG and cryptographic protocols - classification of random number generators, advantages and disadvantages of each type, testing random sequences, RNG in cryptography, classification of cryptographic protocols, Diffie-Hellman protocol, Rivest-Shamir protocol, Shamir secret-sharing protocol, PKCS standards.
  • 3.12 Microsoft and cryptography - server operating systems, MS Windows workstation OS, MS Office, TrueCrypt.

Required literature:
  • Zákon č. 412/2005 Sb., o ochraně utajovaných informací a o bezpečnostní způsobilosti
  • Zákon č. 101/2000 Sb., o ochraně osobních údajů
  • Zákon č. 127/2005 Sb., o elektronických komunikacích
  • Zákon č. 513/1991 Sb., Obchodní zákoník
  • Zákon č. 256/2004 Sb., o podnikání na kapitálovém trhu
  • Zákon č. 227/2000 Sb., o elektronickém podpisu
  • ISO/IEC 27001:2005 Specification for an Information Security Management System
  • P. Hanáček, J. Staudek: Bezpečnost informačních systémů, ÚSIS Praha, 2000
  • J. Přibyl, J. Kodl: Ochrana dat v informatice, Vydavatelství ČVUT, 1996
  • E. Ochodková: Matematické základy kryptografických algoritmů, 2011, available at http://mi21.vsb.cz
  • L. Dostálek et al.: Velký průvodce protokoly TCP/IP: Bezpečnost, Computer Press, Praha, 2001
  • FIPS-197: Advanced Encryption Standard (AES), NIST 2001

Recommended literature:
  • ISO/IEC 27002:2005 Code of practice for information security management
  • A. J. Menezes, P. C. van Oorschot, S. A. Vanstone: Handbook of Applied Cryptography, CRC Press, 1996, available on the Internet
  • MS-OFFCRYPTO: Office Document Cryptography Structure Specification
  • 2007 Microsoft Office System Document Encryption
  • N. Ferguson: AES-CBC + Elephant diffuser: A Disk Algorithm for Windows Vista, Microsoft, August 2006
  • K. Eisenkolb, M. Gokhan, H. Weickardt: Bezpečnost Windows 2000/XP, Computer Press Praha 2003
Literature
  • See Syllabus
Teaching methods
Lectures and self-study.
Assessment methods
The course is completed by an exam, which consists of a written and an oral examination. The written part consists of 5 scored examples. The written part is scored and the mark is taken into account in the overall assessment. To pass the written part, the student needs to get at least 40% of the points. Passing the written part is a necessary condition for access to the oral examination, which consists of two questions. The questions cover the whole range of topics in the area. To pass the oral exam, the student is required to answer at least two questions with an evaluation of E.
Language of instruction
Czech
Further comments (probably available only in Czech)
The course can also be completed outside the examination period.
Information on the extent and intensity of the course: 10 hours KS/semester.
The course is also listed under the following terms: Winter 2007, Summer 2008, Winter 2008, Winter 2009, Winter 2010, Winter 2011, Summer 2012, Winter 2012, Winter 2013, Winter 2015, Winter 2016, Winter 2017, Winter 2018, Winter 2019, Winter 2020, Summer 2021, Summer 2022, Summer 2023, Summer 2024, Summer 2025.
  • Permalink: https://is.vsfs.cz/course/vsfs/winter2014/B_BI