To familiarize students with issues related to the security of digital data and the use of the Internet to conduct secure transactions. Presentation of security mechanisms and threats on the Internet. Teaching and practice using so-called good security practices. Developing skills in recognizing Internet threats. Presentation of examples of so-called good security practices.
Prerequisites
Knowledge of technical aspects of the Internet.
Scope of topics
Basics of cryptographic data protection. Cryptography history, historical algorithms. Symmetrical and asymmetrical algorithms. Hash functions. Applications of cryptographic algorithms in practice. Cryptography in everyday life. Cryptanalysis.
Personal computer security. Malware types, its distribution mechanisms, and ways to protect against it. Security of MS Windows. System updates. Anti-virus software. Software firewalls. Backups.
Controlling access to protected data. Authentication and authorization methods. Protection mechanisms for sensitive data storage. Estimating password strength and power of mechanisms securing access to data. Intrusion into systems - recognition, and prevention. Potential consequences of theft of digital data.
Theft of personal data. Phishing and protection against it.
Threats to ICT systems. DoS and DDoS attacks. Data transmission protection. VPN networks. “Man in the Middle” and spoofing attacks - recognition and defense. Other types of attacks (e.g., SQL injection, XSS). Ensuring electronic security with hardware solutions (role of hardware firewalls, IDS/IPS mechanisms, VPN hubs, routers with integrated services).
Security of mobile devices. Best practices for the safe use of smartphones, tablets, and notebooks. The security of transactions using payment cards such as MasterCard and Visa (incl. wireless cards, e.g., PayPass, Visa PayWave). Security mechanisms of popular systems for mobile devices (Android, iOS).
Digital signature. Signature submission and verification. Legal basics of electronic signatures. Additional services (time stamping, multiple signatures, etc.). Qualified signature. Handling certificates.
Secure transactions. SSL protocol. Authorization based on certificates. Threats related to the use of certificates.
Legal basics of data security (incl. personal data). The application of law in the context of the security of e-commerce systems. Comparison of Polish regulations with EU legislation.
Mechanisms for securing internet transactions on selected examples: electronic banking - access to bank accounts, performing banking operations; electronic stores; Polish government systems: tax offices, e-court, electronic offices, etc.
Teaching methods
Lecture - conventional lecture (with the use of video projector).
Laboratory - practical laboratory exercises.
Learning outcomes and methods of verifying their achievement
Outcome description
Outcome symbols
Verification methods
Class type
Passing conditions
Lecture – the passing condition is to obtain a positive mark on the final test (written or oral).
Laboratory – the passing condition is to obtain positive marks on the laboratory exercises planned during the semester.
Calculation of the final grade: lecture 50% + laboratory 50%
Primary literature
Stallings, W., Brown, L., Computer Security: Principles and Practice (4th Edition), Pearson, 2017.
Forshaw, J., Attacking Network Protocols: A Hacker's Guide to Capture, Analysis, and Exploitation (1st Edition), No Starch Press, 2017.
Aumasson, J. P., Serious Cryptography: A Practical Introduction to Modern Encryption, Random House LLC US, 2017.
Lehtinen, R., et al., Computer Security Basics, Helion (O’Reilly), 2006.
Supplementary literature
Schneier, B., Click Here to Kill Everybody: Security and Survival in a Hyper-connected World, W. W. Norton & Company, 2018.
Mercer, D., Building Online Stores with osCommerce: Professional Edition, Helion, 2007.
Mitnick, K., Simon, W., Wozniak, S., The Art of Deception: Controlling the Human Element of Security, Wiley, 2002.
Notes
Modified by dr hab. inż. Marek Kowal, prof. UZ (last modified: 29-04-2024 15:22)