Module L: Information and communication systems security

Course description

Aspects of security (authentication, privacy, confidentiality, non-repudiation, accessibility). Protection of communication and information systems (security policy, threats, authentication, authorization, firewalls, anti-virus protection). Stream chippers. Symmetric key encryption (DES, IDEA, AES). Asymmetric key encryption (exponential key exchange, RSA, elliptic curves). Hash functions (MD5, SH1). Digital signature. Key management (certificates, authentication, public key infrastructure). Cryptanalysis.

Course is carried out on study programme

Elektrotehnika 2. stopnja

Objectives and competences

To understand the basic principles of data protection during their transfer and storage. To understand security in data access.  To understand the threats and different ways to secure information and communication systems.

Learning and teaching methods

Lectures and lab work. In lectures the students gain theoretical background and in lab they gain some practical experience. Part of the pedagogical process will be carried out with the help of ICT technologies and the opportunities they offer.

Intended learning outcomes

After successful completion of the course, students should be able to:

– identify threats to ICT systems,

– identify various online scams,

– protect the ICT system,

– ensure the integrity of electronic documents,

– assess the security of the ICT system,

– design a security policy.

Reference nosilca

  1. TOMAŽIČ, Sašo (urednik, avtor). VIKING : varna informacijsko komunikacijska infrastruktura naslednje generacije : zaključno poročilo o rezultatih opravljenega raziskovalnega dela na projektu v okviru ciljnega raziskovalnega programa (CRP) "Znanje za varnost in mir 2004-2010". Ljubljana: Univerza, Fakulteta za elektrotehniko, 2006.
  2. TOMAŽIČ, Sašo, VIDMAR, Tone, CIGLARIČ, Mojca, PANČUR, Matjaž, KREVL, Andrej, ZAVEC, Aleš, KOS, Anton. Varnostne politike in standardi varovanja informacij : projekt "Viking". Ljubljana: Univerza v Ljubljani, 2005.
  3. TOMAŽIČ, Sašo. Varnost v telekomunikacijah in kako jo zagotoviti. Štirinajsta delavnica o telekomunikacijah, Brdo pri Kranju, 2003, str. 9-14.
  4. ŽNIDAR, Simon, TOMAŽIČ, Sašo. Načrtovanje varnostne politike. Peta delavnica o telekomunikacijah, Brdo pri Kranju, 1997,  str.1-10.
  5. TOMAŽIČ, Sašo. Celovitost podatkov in veda o šifriranju, Peta delavnica o telekomunikacijah, Brdo pri Kranju, 1997. str. 1-14.

Study materials

  1. Sašo Tomažič, Varnost informacijsko komunikacijskih sistemov, 2014 (Objavljena elektronska knjiga kot študijsko gradivo).
  2. A. J. Menezes,  P. C. Oorschot, Scott A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997.
  3. G. J. Simmons (editor), Contemporary Criptology, The Science of Information Integrity, IEEE Press, 1991.
  4. M. Jagodič, S. Tomažič (urednika), Varnost in zaščita v telekomunikacijskih omrežjih. Elektrotehniška zveza Slovenije, Ljubljana, 1997.

Bodi na tekočem

Univerza v Ljubljani, Fakulteta za elektrotehniko, Tržaška cesta 25, 1000 Ljubljana

E: T:  01 4768 411