Do you want to know how encrypted data can be processed correctly so that a processor is “not aware” of their content? Would you like to know how BitCoin works and be able to make a similar solution on your own? Are you interested in becoming a (chief) security officer, information systems security auditor, or a specialist in cyber-security operations? If yes, welcome to Information Systems Security and Privacy course.

Information systems security and privacy is one among key focuses in contemporary information systems, ranging from business environments, public environments to private environments, and even to the level of states security. Students will get a knowledge (theoretical and practically applicable) about security and privacy provisioning ranging from ordinary information systems to internet of things and cloud computing. The goal of the course is to provide students with appropriate knowledge to a such extent that they will be able to pursue careers as developers, system administrators, managers (like chief security officers) and consultants.

The course will start with an overview of historical development of this field and key standardization organizations and bodies (ISO, ITU-T, ANSI, IETF, W3C, OASIS, OMG,...). Next, risk management will be discussed, followed by security mechanisms and services (principles and practical applications). Next, public key infrastructure, privilege infrastructure and Authentication, Authorization and Accounting infrastructures will be covered (time base synchronization, Radius, etc.). Afterward, security will be covered along the IP stack, layer by layer, from physical to application layer (protocols will include WEP, WPA, WPA2, IPSec, TLS, S/MIME, SET, XMLSec, XAML, XACML, and WS-*). Development and verification of security and privacy systems strongly depends on formal methods, therefore hese methods will be presented with some key representatives (e.g., Rueppel's formal method). Last but not least, we will focus on specifics of cloud security, privacy in the Internet of things and digital currencies (BitCoin).

The main thread of this course will be complemented by hands-on laboratory works. But also lectures are going to be "refreshed" by including practical work on selected, special topics like security simulations, documents security within operational PKI, etc. This course assumes familiarity with the basics of Computer communications and / or Computer protocols courses, and Wireless mobile ommunications course, because it extends significantly the basics given in these courses. The course will be in English, while in case of only Slovene speaking students it may be conducted in Slovene.

Probably one of the biggest charms of Computer Science is, that it appears so frequntly connected to other disciplines. Digital forensics is yet another of this areas. It is a branch of forensic science, which deals with acquisition and analysis of data related to digital equipment. The later are often connected to computer crime. The course is split into two parts. In the first one we will look into basics of digital forensics that need to be respected when performing forensic activity, that its outcomes are acceptable in the court of law. In the second, larger part, we will look at various operating systems and communication technologies. In detail, we will look at various technological procedures that are necessary to make collected data admissible in a court of law.

Student duties consists of assignments (quizes), two lab assignments where they simulate a criminal investigation, and an essay where they meet the most contemporary research in the area.


Information/Computer
 Security 
describes 
all

 preventive 
measures, 
procedures 
and 
means
 to
 ensure 
access 
to 
Information
 Systems
 and 
their contents 
in 
order 
to 
prevent 
their
 unauthorized
 use.
 Cryptography 
provides 
maximum 
security
 while 
at 
the 
same 
time 
preserves 
the flexibility of
 digital media.
 It
 forms
 the 
foundation 
of
 Information 
Society
 (objectives:
privacy, 
data
 integrity, 
digital
 authentication/signatures, digital 
cash,
and 
other
 cryptographic 
protocols;
 it 
covers 
Mathematics,
 Computer 
Science,
 Electrical 
Engineering,
 Finances, Policy, 
Defense,
 etc.).


 In this 
course 
will 
cover 
the 
some basic of 
Symmetric
 Cryptography, 

Public‐key 
cryptography

 


(Asymmetric 
Cryptography)
 and Computer 
and 
Information 
Security

.