Course code InfT3041
Credit points 3
Security of Information Systems and Data I
Total Hours in Course81
Number of hours for lectures16
Number of hours for seminars and practical classes16
Independent study hours49
Date of course confirmation19.01.2022
Responsible UnitInstitute of Computer Systems and Data Science
Course developers
prof.
Pēteris Rivža
Dr. habil. sc. ing.
lect.
Nauris Pauliņš
Mg. sc. ing.
Course abstract
Students get acquainted with modern specifics in the protection of information systems and the use of geoinformation data on their interactions. The growth of digital communications and computing capabilities, along with the development of the Internet of Things, is also giving increasing importance to the role of geoinformation in IT security. These are large data sets that need to be managed correctly and securely, while being able to use these data in the context of both infrastructure protection and geolocation. The course examines the possibilities of using data in the context of geoinformation, as well as data protection methods and problems, such as access control, data flow control, etc. Computer network security issues, such as IP protection, firewalls, and intrusion detection, are covered. The course provides a practical insight into solving information systems and data protection problems.
Learning outcomes and their assessment
As a result of mastering the course students:
• know the importance of the use of geoinformation in data processing and information security, the possibilities of using cryptographic algorithms in information protection, the means of their implementation and the possibilities of their practical application in the protection of computer networks (tests, an independent work);
• are able to use information protection tools in practice and to independently construct “public-key” encryption algorithms (practical ssignments);
• are able when working in a group or performing work independently, to use information protection methods and tools, as well as to convince participants and argue their opinion (tests, an independent work).
Course Content(Calendar)
Full-time full-time studies:
1. Specifics of modern data processing in connection with geospatial data, connection of geoinformatics with information systems security. (1h)
2. Problems to be solved in the protection of data and information systems and existing threats, basic concepts, the role of cryptography in the protection of data and information systems. (1h)
3. Classification of cryptographic algorithms, specifics and development of their application. (1h)
4. Symmetric and asymmetric encryption algorithms. Hybrid encryption. (1h)
5. Ensuring data integrity, modern hash function algorithms. (1h)
6. Authentication methods. Authentication protocols and systems. Key management. Public key infrastructure and electronic signature. (1h)
7. Standards and protocols used in Internet communication. (1h)
8. Electronic mail security. (1h)
9. Malware programs. Perspective methods of antivirus protection. (1h)
10. Security testing of computer networks and information systems. Intrusion methodology as protection. Detection of offenders. (1h)
11. Firewalls as intrusion and data leakage protection systems. (1h)
12. Wireless network security. (1h)
13. Cloud computing security. Zero trust security model. (1h)
14. Blockchain technologies and their application. (1h)
15. Internet of Things, their security specifics and protection methods. (1h)
16. Legal and ethical issues of information systems and data protection. (1h)
Part-time studies:
All topics specified for full-time studies are implemented, but the number of contact hours is 1/2 of the specified number of hours
Requirements for awarding credit points
As part of the course, students must complete the required practical work, pass 2 theoretical tests with a positive grade (test 1 - cryptography, test 2 - data security), and present their independent work.
Description of the organization and tasks of students’ independent work
The student chooses a topic from the offered current topics in cryptography and data protection (can propose their own topic) and prepares a presentation. The presentation and performance are evaluated.
Criteria for Evaluating Learning Outcomes
The final grade of "passed" at the end of the course consists of 2 theoretical tests and an assessment of independent work.
Compulsory reading
1. Smith R.E. Elementary Information Security. 3rd Edition. , Burlington, Massachusetts: Jones & Bartlett Learning, 2019. 708 p.
2. Jason A. Foundations of Information Security: A Straightforward Introduction., San Francisco: No Starch Press., 2019., 248 p.
3.Stallings W. Cryptography and Network Security: principles and practices. Seventh Edition. New Jersey: Pearson Education, 2016,
Stallings W. Cryptography and network security: principles and practices. 4th ed. Upper Saddle River, New Jersey: Pearson Education, 2006. 680 p. Ir LLU FB 1 eks.
Further reading
1. Paar C., Pelzl J. Understanding cryptography: a textbook for students and practitioners. Heidelberg; New York: Springer, 2010. 372 p.
2. Whitman M. E., Mattord H. J., Principles of information security. Sixth Edition. Australia: Cengage Learning, 2018. 728 p.
Periodicals and other sources
Technical Resource and Course Web Site for Cryptography and Network Security. [Skatīts 04.10.2021] Pieejams: http://www.williamstallings.com/Crypto3e.html
Notes
Professional higher education bachelor study program “Geoinformatics and Remote Sensing” in full-time studies and part-time studies.