Aim of the course
The aim of the course is to present all the basic aspects of computer security, particularly the principles of selecting methods and technical means for the implementation of security systems and computer networks.
Constraining the access to computer systems and data. Control of user privileges, identification, authentication and authorization, arrangements for identifying and authenticating users. Privacy of user data, security of system data - databases and data transferred, data encryption, the problem of transmission of keys. Data security on the Internet, electronic signatures and certification, authentication providers, the certification server, secure email. PKI infrastructure and technical facilities necessary for its construction, the properties of cryptographic hardware modules. Protection of systems against intentional damage - the main threats and methods to prevent them. Protection of private networks, typical hazards, attacks on networks and their detection, avoidance and prevention methods. Responding to a breach of security and correctness of the network functioning. Security policy of institutions - the rules of construction and a holistic approach to providing security.
Overview of the course elements
Laboratory classes are intended to enable gaining practical skills to apply the rules for determining, implementing and deploying security policy and the use of tools for this purpose, namely: the use of hardware facilities and cryptographic devices for the protection and authentication of data, control of user permissions, as well as the monitoring of threats and detection of attacks.
1. Adams, C., PKI. Podstawy i zasady działania, PWN , Maj 2007
2. enezes A., van Oorschot P., Vanstone S., Kryptografia stosowana, WNT, 2005
3. Anderson, R., Inżynieria zabezpieczeń, WNT, 2005
4. Lehtinen R., Russell D., Podstawy ochrony komputerów, Wydawnictwo Helion, 2007
5. Zalewski M., Cisza w sieci, Wydawnictwo Helion, 2005