Theoretical basis of information security
Description: The discipline is aimed at developing students' knowledge in the field of theoretical foundations of information security and the skills of practical provision of information protection and the safe use of software in computing systems.
Amount of credits: 6
Пререквизиты:
- Algorithmization and programming technologies
Course Workload:
| Types of classes | hours |
|---|---|
| Lectures | 30 |
| Practical works | 30 |
| Laboratory works | |
| SAWTG (Student Autonomous Work under Teacher Guidance) | 30 |
| SAW (Student autonomous work) | 90 |
| Form of final control | Exam |
| Final assessment method |
Component: Component by selection
Cycle: Profiling disciplines
Goal
- The purpose of studying the discipline is to provide students with basic knowledge on general issues of organizing information security at the facility, methods and means of protecting it in devices and transmission channels
Objective
- - obtaining knowledge about the principles of organizing and building an information security system at the facility;
- - study of the main channels of information leakage and the reasons for their formation;
- - study of methods and means of hidden retrieval of information;
- - study of methods and means of protection, detection and counteraction in various channels of information transmission;
- - study of methods and means of information protection in personal computers and computer networks, including cryptographic and steganographic methods.
Learning outcome: knowledge and understanding
- fundamentals of information security and information protection, principles of cryptographic transformations;
- fundamentals of the legislation of the Republic of Kazakhstan in the field of information protection;
- typical software and hardware and systems for protecting information from unauthorized access to the computer environment;
Learning outcome: applying knowledge and understanding
- typical software and hardware and systems for protecting information from unauthorized access to the computer environment;
- implement measures to ensure the enterprise (in the organization) activities in the field of information security
Learning outcome: formation of judgments
- conceptual apparatus in the field of information security;
- skills in the use of personal information protection equipment;
- methods of combating threats to information security.
Learning outcome: communicative abilities
- about the basics of legal knowledge in various fields of activity
- about the basics of legal knowledge in various fields of activity
Learning outcome: learning skills or learning abilities
- training in information security tools and the possibilities of their use in real tasks of creating and implementing information systems
Teaching methods
- lectures and online lectures, laboratory classes using slides and other multimedia tools.
Assessment of the student's knowledge
Teacher oversees various tasks related to ongoing assessment and determines students' current performance twice during each academic period. Ratings 1 and 2 are formulated based on the outcomes of this ongoing assessment. The student's learning achievements are assessed using a 100-point scale, and the final grades P1 and P2 are calculated as the average of their ongoing performance evaluations. The teacher evaluates the student's work throughout the academic period in alignment with the assignment submission schedule for the discipline. The assessment system may incorporate a mix of written and oral, group and individual formats.
| Period | Type of task | Total |
|---|---|---|
| 1 rating | Лабораторное задание №1 | 0-100 |
| Лабораторное задание №2 | ||
| Лабораторное задание №3 | ||
| Лабораторное задание №4 | ||
| Лабораторное задание №5 | ||
| 2 rating | Лабораторное задание №6 | 0-100 |
| Лабораторное задание №7 | ||
| Лабораторное задание №8 | ||
| Лабораторное задание №9 | ||
| Лабораторное задание №10 | ||
| Total control | Exam | 0-100 |
The evaluating policy of learning outcomes by work type
| Type of task | 90-100 | 70-89 | 50-69 | 0-49 |
|---|---|---|---|---|
| Excellent | Good | Satisfactory | Unsatisfactory |
Evaluation form
The student's final grade in the course is calculated on a 100 point grading scale, it includes:
- 40% of the examination result;
- 60% of current control result.
The final grade is calculated by the formula:
| FG = 0,6 | MT1+MT2 | +0,4E |
| 2 |
Where Midterm 1, Midterm 2are digital equivalents of the grades of Midterm 1 and 2;
E is a digital equivalent of the exam grade.
Final alphabetical grade and its equivalent in points:
The letter grading system for students' academic achievements, corresponding to the numerical equivalent on a four-point scale:
| Alphabetical grade | Numerical value | Points (%) | Traditional grade |
|---|---|---|---|
| A | 4.0 | 95-100 | Excellent |
| A- | 3.67 | 90-94 | |
| B+ | 3.33 | 85-89 | Good |
| B | 3.0 | 80-84 | |
| B- | 2.67 | 75-79 | |
| C+ | 2.33 | 70-74 | |
| C | 2.0 | 65-69 | Satisfactory |
| C- | 1.67 | 60-64 | |
| D+ | 1.33 | 55-59 | |
| D | 1.0 | 50-54 | |
| FX | 0.5 | 25-49 | Unsatisfactory |
| F | 0 | 0-24 |
Topics of lectures
- Понятие национальной безопасности: виды безопасности: государственная, экономическая, общественная, военная, экологическая, информационная
- Методы и средства обеспечения ИБ
- Правовое и организационное обеспечение информационной безопасности
- Анализ и оценка угроз информационной безопасности объекта
- Технические средства обеспечения информационной безопасности
- Предотвращение несанкционированного доступа к компьютерным ресурсам и защита программных средств
- Идентификация пользователей и установление их подлинности при доступе к компьютерным ресурсам
- Особенности программной реализации контроля установленных полномочий
- Защита от компьютерных вирусов
- Криптографическое закрытие информации
- Введение в криптографию
- Стандарты шифрования
- Общая организация криптографической защиты информации
- Защита от потери информации и отказов программно-аппаратных средств
- Современные средства защиты информации от НСД
Key reading
- 1. Бабаш, А.В. Информационная безопасность. Лабораторный практикум: Учебное пособие / А.В. Бабаш, Е.К. Баранова, Ю.Н. Мельников. — М.: КноРус, 2016. — 136 c.
- 2. Гафнер, В.В. Информационная безопасность: Учебное пособие / В.В. Гафнер. — Рн/Д: Феникс, 2017. — 324 c.
- 3. Громов, Ю.Ю. Информационная безопасность и защита информации: Учебное пособие / Ю.Ю. Громов, В.О. Драчев, О.Г. Иванова. — Ст. Оскол: ТНТ, 2017. — 384 c.
- 4. Ефимова, Л.Л. Информационная безопасность детей. Российский и зарубежный опыт: Монография / Л.Л. Ефимова, С.А. Кочерга. — М.: ЮНИТИ-ДАНА, 2016. — 239 c.
Further reading
- 5. Запечников, С.В. Информационная безопасность открытых систем. В 2-х т. Т.1 — Угрозы, уязвимости, атаки и подходы к защите / С.В. Запечников, Н.Г Милославская. — М.: ГЛТ, 2017. — 536 c.
- 6. Запечников, С.В. Информационная безопасность открытых систем. В 2-х т. Т.2 — Средства защиты в сетях / С.В. Запечников, Н.Г. Милославская, А.И. Толстой, Д.В. Ушаков. — М.: ГЛТ, 2018. — 558 c.
- 7. Малюк, А.А. Информационная безопасность: концептуальные и методологические основы защиты информации / А.А. Малюк. — М.: ГЛТ, 2016. — 280 c.
- 8. Семененко, В.А. Информационная безопасность: Учебное пособие / В.А. Семененко. — М.: МГИУ, 2017. — 277 c.
