Summer Semester 2009/10
Summer Semester 2010/11
Summer Semester 2011/12
Security of information systems TS2B100007
Course content:
The essentials of security of information systems. Comprehensive approach to defining politics of information security. Sources of threats to information security. Procedures for detection of security violations and corresponding methods of reaction. Security audits of information systems. Theory of cryptographic data protection. Types of ciphers and their properties. Architecture of Public Key Infrastructure (PKI) systems. Digital signatures and secure user authentication. Fundamentals of steganography and watermarking. Selected technologies for securing information systems. Compromising emanation as a source of security threats and recommended methods of protection. Approaches to evaluating and managing information security risks (e.g. OCTAVE). Current standards connected with security of information systems.
Learning outcomes:
Obtaining knowledge of security issues and solutions for information systems.
(in Polish) Rodzaj przedmiotu
Course coordinators
Bibliography
a) basic references:
1. Stallings W.: Cryptography and Network Security Principles and Practices. Fourth Edition. Prentice Hall, 2005.
2. Adams C., Lloyd S.: Understanding PKI: Concepts, Standards, and Deployment Considerations. Second edition. Addison-Wesley Professional, 2002.
3. Białas A.: Bezpieczeństwo informacji i usług w nowoczesnej instytucji i firmie. WNT, Warszawa, 2007.
4. Polaczek T.: Audyt bezpieczeństwa informacji w praktyce. Helion, Gliwice, 2006.
5. Preston W. C.: Backup & Recovery. O'Reilly Media, Inc, 2007.
b) supplementary references:
1. Jones K.J., Bejtlich R., Rose C.W.: Real Digital Forensics: Computer Security and Incident Response. Addison-Wesley Professional, 2005.
2. Pieprzyk J., Hardjono T., Seberry J.: Fundamentals of Computer Security. Springer, 2003.
3. RSA Laboratories: Frequently Asked Questions about Today’s Cryptography.Available at http://www.rsa.com/rsalabs/