YSDP ICT Security and Data Protection

Moravská vysoká škola Olomouc
Summer 2022
Scope
8/0/0. Lecture 8 hours/semester. 3 credits. Completion: exam.
Teachers
Ing. Lukáš Pavlík, Ph.D. (lecturer)
Guarantor
Ing. Lukáš Pavlík, Ph.D.
Moravská vysoká škola Olomouc
Supplying department: Moravská vysoká škola Olomouc
Enrolment restrictions
The course is open to students of any field of study.
Course objectives
The aim of the course is to acquaint students with various aspects of security and data protection in information systems. Students should become familiar with the terminology of the security field, the kinds of threats that exist, and how to defend against them. The course covers the entire life cycle of an IS: from its design, through its deployment in a company, to its operation. The key topic is the information security management system in accordance with the applicable standards (the ISO/IEC 27000 series). Part of the course deals with digital documents and the tools for securing them, such as the electronic signature, electronic seal and timestamp, in connection with the eIDAS Regulation and Czech Act No. 297/2016. Students will become familiar with the laws and technical standards that govern ICT security. Cybercrime, including its detection and investigation, is also covered. The course can thus also be considered an introduction to cryptology. After completing this course, students will be able to understand the issues of IS (ICT) security, know the basic threats in the field of information processing, find their way around the security aspects of computer systems and networks, understand the individual steps in building a secured IS, know the legal and technical standards in ICT security, handle electronic documents and the tools for authenticating them (electronic signatures, electronic seals and timestamps), understand the basic aspects of cryptography, and perform data backup and system recovery. They will also have an overall knowledge of cybercrime issues and of securing evidence in computer systems.
Syllabus
    1. Introduction to the issue of security - the concept of security, enterprise information security, ICT/IS security, specification of basic threats; legal and technical standards in the field of ICT security
    2. Multi-layered security (defence in depth) of information systems
    3. Security in operating systems, access management, identification, authentication, authorization
    4. Internet security, protocols, wireless networks
    5. Workstation security
    6. Information security management system - ISO / IEC 27000, PDCA, ITIL methodology principles
    7. Security risk analysis (identification of assets, risk assessment, the draft of countermeasures, etc.)
    8. Realization of security - conception of security, security policy, security measures
    9. Cryptography (symmetric/asymmetric algorithms), hash functions, key management, PKI, etc.
    10. Papers and electronic documents - definition, properties, security and authentication, electronic signature, biometric dynamic signature, electronic stamp and time stamp, eIDAS Regulation and Act No. 297/2016
    11. Data backup and recovery of system
    12. Cybercrime - facts in issues, crime detection and investigation (perpetrators, expertise and expert opinions)
    The teaching methods used include: information-receptive methods (interpretation, explanation, description), verbal and demonstration methods (presentation). Further methods used: reproductive (testing, examination, repeating), problem interpretation methods and case studies.
Literature
    required literature
  • KODL, Jindřich and Vladimír SMEJKAL. ICT Security and Data Protection. Olomouc: Moravská vysoká škola Olomouc, 2018.
  • Information Security Management Systems - Overview and Vocabulary. International Organization for Standardization, 2016.
  • Information Security Management Systems - Requirements. International Organization for Standardization, 2016.
  • Code of Practice for Information Security Controls. International Organization for Standardization, 2015.
  • SMEJKAL, Vladimír. Kybernetická kriminalita. Plzeň: Aleš Čeněk, 2015. ISBN 978-80-738-0501-2.
  • Information Security Risk Management. International Organization for Standardization, 2011.
  • Information Security Management System Implementation Guidance. International Organization for Standardization, 2010.
  • CLARK, David Leon. Enterprise Security: A Manager's Defense Guide. Boston: Addison-Wesley Longman Publishing Co., I, 2002. ISBN 978-02-017-1972-7.
  • MENEZES, Alfred, Paul C. Van OORSCHOT and Scott A. VANSTONE. Handbook of Applied Cryptography. Boca Raton: CRC Press, 1997. ISBN 0-8493-8523-7.
  • SCHNEIER, Bruce. Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C. New York: John Wiley & Sons, 1996. ISBN 0471117099.
    recommended literature
  • Data security management. Praha: TATE International.
  • SMEJKAL, Vladimír and Karel RAIS. Řízení rizik ve firmách a jiných organizacích. Praha: Grada, 2013. ISBN 978-80-247-4644-9.
  • MATES, Pavel and Vladimír SMEJKAL. E-government v České republice: právní a technologické aspekty. 2nd substantially revised and expanded ed. Praha: Leges, 2012. ISBN 978-80-875-7636-6.
  • DOUCEK, Petr et al. Řízení bezpečnosti informací: 2. rozšířené vydání o BCM. Praha: Professional Publishing, 2011. ISBN 978-80-743-1050-8.
Assessment methods
Exam: combined - written part (test) and oral.
Language of instruction
English
Teacher's information
https://teams.microsoft.com/l/team/19%3abdbe66adee6d4fef92a2ff74a27e5507%40thread.tacv2/conversations?groupId=5dd539fc-62e5-43f5-bf80-39f115198cd0&tenantId=ed27fc21-8d98-4df9-af69-7fce8cea652b
Further comments
The course may also be completed outside the examination period.
The course is taught annually.
Teaching takes place in blocks.
The course is also listed in the terms Winter 2020, Summer 2021, Winter 2021.
  • Permalink: https://is.mvso.cz/predmet/mvso/leto2022/YSDP