ECTS credits: 5
Introducing students to the issues of WEB security, especially in terms of business systems' dependence on communication. Acquisition of knowledge about dangers that threaten the Internet and how to protect oneself from them. Introduction to practical methods, measures and resources that can be applied in the construction and development of WWW security system.
The basics of information security. Legislation. Standards in information security. Internet security policy. Methods of data content protection. Program protection measures. Technical protection measures. Security of web applications. Public key infrastructure (PKI). Security of information systems in the cloud. Computer crime. Digital forensics.
Having passed the exam, the student will be able to identify domain space and security challenges of the web and information systems based on web technologies, classify threats and ways to deal with them for individuals and information systems, create necessary standard-defined documentation with the purpose of protection, organize and carry out protection of information systems based on web technologies, design protection for web-based systems, propose ways for technical and legal protection of systems based on web technologies, manage organizational units of business entities in charge of organization and implementation of IS security, perform a digital forensic analysis of attacked systems.
Having passed the exam, the student will be able to: 1. Analyse and apply legal regulations in th field of electronic business, electronic trade, digital signature, protection of personal data, etc. 2. Define the security policy according to ISO 27001 standard 3. Determine the most suitable security protocol to protect web applications. 4. Analyse and anticipate possible attacks on web applications. 5. Design public key architecture. 6. Apply digital signature. 7. Present protection technologies of information system security. 8. Create an information security managementt system These outcomes contribute to the learning outcomes of the study program: - Explain the operating principles of information systems (2). - Use the functionalities of contemporary engineering tools (5). - Propose improvements in data security and system security (8). - Analyze the influence of the IS characteristic on its performance and security (9). - Present one's own or team work (11).