Do you want to know how encrypted data can be processed correctly so that a processor is “not aware” of its content? Would you like to know how BitCoin works and be able to build a similar solution on your own? Are you interested in becoming a (chief) security officer, information systems security auditor, or a specialist in cyber-security operations? If so, welcome to the Information Systems Security and Privacy course.

Information systems security and privacy is one of the key focuses in contemporary information systems, ranging from business and public environments to private environments, and even to the level of state security. Students will gain knowledge (both theoretical and practically applicable) about security and privacy provisioning, ranging from ordinary information systems to the Internet of Things and cloud computing. The goal of the course is to provide students with appropriate knowledge to such an extent that they will be able to pursue careers as developers, system administrators, managers (such as chief security officers) and consultants.

The course will start with an overview of the historical development of this field and the key standardization organizations and bodies (ISO, ITU-T, ANSI, IETF, W3C, OASIS, OMG, ...). Next, risk management will be discussed, followed by security mechanisms and services (principles and practical applications). Next, public key infrastructure, privilege infrastructure and Authentication, Authorization and Accounting infrastructures will be covered (time base synchronization, RADIUS, etc.). Afterward, security will be covered along the IP stack, layer by layer, from the physical to the application layer (protocols will include WEP, WPA, WPA2, IPSec, TLS, S/MIME, SET, XMLSec, XAML, XACML, and WS-*). Development and verification of security and privacy systems depend strongly on formal methods, so these methods will be presented through some key representatives (e.g., Rueppel's formal method). Last but not least, we will focus on the specifics of cloud security, privacy in the Internet of Things and digital currencies (BitCoin).

The main thread of this course will be complemented by hands-on laboratory work. Lectures will also be "refreshed" with practical work on selected special topics such as security simulations, document security within an operational PKI, etc. This course assumes familiarity with the basics of the Computer communications and/or Computer protocols courses and the Wireless mobile communications course, because it significantly extends the basics given in these courses. The course will be in English; if only Slovene-speaking students attend, it may be conducted in Slovene.