TESTING AND EXAMINATION OF PROTECTIVE MEANS INFORMATION
Course: Information Security of Telecommunication Systems and Networ (master's degree)
Structural unit: Faculty of Radiophysics, Electronics and Computer Systems
Title
TESTING AND EXAMINATION OF PROTECTIVE MEANS INFORMATION
Code
ВБ 1.04
Module type
Вибіркова дисципліна для ОП
Educational cycle
Second
Year of study when the component is delivered
2023/2024
Semester/trimester when the component is delivered
4 Semester
Number of ECTS credits allocated
6
Learning outcomes
The student must know: the basic concepts of the theory of information protection, the procedure for organizing and conducting a state examination of a complex system of information protection, the content and purpose of building a security policy for a complex system information protection, development procedure, requirements and content threat models of information processed in automated systems of the first, second, third classes; development procedure, requirements and content of the model of the violator The student should be able to: build a threat model of information processed in automated systems of the first, second, third grades, evaluate expert opinion of the state examination of the integrated protection system, to assess the compliance of the selected functional security services of the subject area of the automated system under analysis
Form of study
Full-time form
Prerequisites and co-requisites
The educational discipline is based on a cycle of disciplines of professional and practical training, in particular: "Digital devices", "Digital signal processing", "Fundamentals of the theory of automatic control", "Digital circuit engineering and electronics", "Reception and processing of signals", "Fundamentals of the theory of information transmission". Prerequisites: 1. Know the elements of higher algebra. 2. Know the basics of programming. 3. Know the basic concepts of information and threats to its confidentiality, integrity and availability. 4. Have an idea about the security functional profile and its properties regarding its consistency, completeness and uniqueness. 5. Be able to launch and manage application software based on a graphical user interface, find information on the Internet.
Course content
Study of the discipline "Testing and examination of information protection means" allows you to understand the essence of the process of examination of information protection systems. Under consideration general principles of expert opinion construction, analysis of security assessment criteria information in computer systems from unauthorized access in telecommunication systems systems Special attention is paid to the process of examination of complex protection systems information, definition and analysis of functional security services.
Recommended or required reading and other learning resources/tools
1. А. М. Давиденко, О. А. Суліма, «Структурні підходи до методів оцінки рівня безпеки інформаційних систем», Моделювання та інформаційні технології. Зб. наук. праць, Вип. 83, С.11-21, 2018. 2. Положення про державну експертизу в сфері технічного захисту інформації, затверджене наказом Департаменту спеціальних телекомунікаційних систем та захисту інформації Служби безпеки України від 29 грудня 1999 р. No 62, зареєстровано в Міністерстві юстиції України від 24.01.2000р. No 40/4261. 3. Корченко О. Г. Системи захисту інформації / О.Г. Корченко. – К.: НАУ, 2004. – 264с. 4. Терейковський І. А. Формування політики безпеки комп’ютерних систем/ І. А. Терейковський // Захист інформації. — 2008. — Т. 10, No 1. — С. 12–22. 5. Задирака В. К. Методи захисту банківської інформації / Задирака В.К., Олесюк О.С., Недашковський М.О. – К.: Вища шк., 1999. – 261 с. 6 LaPadula D. Bell. Secure Computer Systems: A Mathematical Model, ESD TR-73-278, V. II, MITRE Corportaion.
Planned learning activities and teaching methods
lecture classes, practical classes,laboratory work, independent individual work.
Assessment methods and criteria
Semester evaluation: control is carried out according to the following principle. Session has one meaningful module. After the completion of the relevant topics, a written test is conducted modular control work. To determine the level of achievement of learning outcomes Tasks for the modular control work test the ability to solve concrete tasks of carrying out examination of protection systems. Mandatory for admission to the exam is writing a modular control paper with a score of at least 10 points and speaking with report at the seminar. Final assessment is in the form of an exam. The form of the exam is written and oral. In total, you can get from 0 to 40 points for the exams. The condition for achieving a positive grade for a discipline is to obtain a total score (for the semester assessment and the exam together) of at least 60 points, while the final assessment grade cannot be less than 20 points.
Language of instruction
Ukrainian
Lecturers
This discipline is taught by the following teachers
Department of Radiotechnique and radioelectronics systems
Faculty of Radiophysics, Electronics and Computer Systems
Faculty of Radiophysics, Electronics and Computer Systems
Departments
The following departments are involved in teaching the above discipline
Department of Radiotechnique and radioelectronics systems
Faculty of Radiophysics, Electronics and Computer Systems