Subject description
Aspects of security (authentication, privacy, confidentiality, non-repudiation, accessibility). Protection of communication and information systems (security policy, threats, authentication, authorization, firewalls, anti-virus protection). Stream chippers. Symmetric key encryption (DES, IDEA, AES). Asymmetric key encryption (exponential key exchange, RSA, elliptic curves). Hash functions (MD5, SH1). Digital signature. Key management (certificates, authentication, public key infrastructure). Cryptanalysis.
The subject is taught in programs
Objectives and competences
To understand the basic principles of data protection during their transfer and storage. To understand security in data access. To understand the threats and different ways to secure information and communication systems.
Teaching and learning methods
Lectures and lab work. In lectures the students gain theoretical background and in lab they gain some practical experience. Part of the pedagogical process will be carried out with the help of ICT technologies and the opportunities they offer.
Expected study results
After successful completion of the course, students should be able to:
– identify threats to ICT systems,
– identify various online scams,
– protect the ICT system,
– ensure the integrity of electronic documents,
– assess the security of the ICT system,
– design a security policy.
Basic sources and literature
- Sašo Tomažič, Varnost informacijsko komunikacijskih sistemov, 2014 (Objavljena elektronska knjiga kot študijsko gradivo).
- A. J. Menezes, P. C. Oorschot, Scott A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997.
- G. J. Simmons (editor), Contemporary Criptology, The Science of Information Integrity, IEEE Press, 1991.
- M. Jagodič, S. Tomažič (urednika), Varnost in zaščita v telekomunikacijskih omrežjih. Elektrotehniška zveza Slovenije, Ljubljana, 1997.