Course: Securing of Business Information

Course title Securing of Business Information
Course code KMA/ZIN
Organizational form of instruction Lecture
Level of course Bachelor
Year of study not specified
Semester Winter
Number of ECTS credits 3
Language of instruction Czech
Status of course Compulsory-optional
Form of instruction Face-to-face
Work placements Course does not contain work placement
Recommended optional programme components None
Course availability The course is available to visiting students
Lecturer(s)
  • Mlýnek Jaroslav, doc. RNDr. CSc.
Course content
1. Importance of information for a business company (electronic information is part of the most important company assets, company dependence on the processing of electronic information, necessity of securing information from the point of view of confidentiality, integrity and availability)
2. Main reasons for securing information (obligations arising from valid legislation, commitments to other companies, the company's own business interests)
3. Procedure for implementing information security (risk analysis of IS, determination of information owners, security policy of IS, realisation of the information protection)
4. Methods of risk analysis (detailed methods, basic approach, informal approach, use of concrete methods: CRAMM - CCTA Risk Analysis Management Method, IPAK, FRAP)
5. Security policy (security policy of IS, system security policies, security documentation)
6. Realisation of safeguards (areas of realisation, concrete safeguards)
7. Introduction to cryptography
8. One-way function, hash function (SHA-1), checksums
9. Symmetric cryptosystems (AES, DES, Triple DES)
10. Asymmetric cryptosystems (RSA)
11. Digital signature, certification authority (CA)
12. The principle of elliptic curves
13. Cryptography and legislation (Czech Republic and the European Union)
14. Reserve

Learning activities and teaching methods
Monological explanation (lecture, presentation, briefing)
  • Class attendance - 28 hours per semester
  • Home preparation for classes - 28 hours per semester
  • Preparation for exam - 40 hours per semester
  • Semestral paper - 24 hours per semester
Learning outcomes
The aim of the course is to inform students about the principles, rules and practical realisation of the management of electronic information security in a business company. The subject offers basic information about methods of information system risk analysis, including possible approaches to information evaluation and the choice of adequate safeguards to secure the confidentiality, integrity and availability of important business information. Stress is put on the use of cryptographic methods (hash functions, checksums, symmetric and asymmetric cryptosystems, digital signature, activities of a certificate authority). The connection of cryptographic methods with the present legislative system of the Czech Republic and the European Union will be explained as well.
Basic methods of securing information and management of electronic information security.
Prerequisites
Basic course of higher mathematics

Assessment methods and criteria
Combined examination

Exam from mathematics. Exam: written + oral part
Recommended literature
  • International Standard ČSN/ISO/IEC 17799:2000 Code of Practice for Information Security Management.
  • Bosáková, D. et al. Elektronický podpis. GRADA Praha, 2002. ISBN 80-7263-125-X.
  • Cimino, A. Příběh kryptologie. Dobrovský s.r.o., 2018. ISBN 978-80-7390-887-4.
  • Menezes, A., Oorschot, P., Vanstone, S. Handbook of Applied Cryptography. CRC Press, Boca Raton, USA, 2001. ISBN 0-8493-8523-7.
  • Mlýnek, J. Zabezpečení obchodních informací. Computer Press, Brno, 2007. ISBN 978-80-251-1511-4.
  • Přibyl, J. Informační bezpečnost a utajování zpráv. ČVUT, fak. elektrotechnická, vydavatelství ČVUT, Praha, 2004. ISBN 80-01-02863-1.
  • Schneier, B. Applied Cryptography. John Wiley & Sons, New York, USA, 1996. ISBN 0-471-59756-2.
  • Smejkal, V., Rais, K. Řízení rizik. Grada, Praha, 2003. ISBN 80-247-0198-7.

