|
Lecturer(s)
|
-
Oulehla Milan, Ing. Ph.D.
-
Sysel Martin, doc. Ing. Ph.D.
|
|
Course content
|
Topics: 1. Principles and goals of protection of modern operating systems 2. Objectives of protection (Hardware Objects, Software Objects) 3. Access Matrix and its implementation 4. Access Control Method 5. Revocation of access permissions 6. Other methods of protection (Auxiliary Rights, Rights Amplification and others) 7. Types of attacks and security threats 8. Software threats (Logic Bomb, Buffer Overflow and others) 9. System threats 10. Network communication threats 11. Cryptography as a tool for threat mitigation 12. Problems of data backups 13. Security aspects of the User Authentication process 14. Implementation of security measures
|
|
Learning activities and teaching methods
|
Lecturing, Exercises on PC
- Participation in classes
- 17 hours per semester
|
| prerequisite |
|---|
| Knowledge |
|---|
| Basics of program development skills Knowledge of Linux operating system Knowledge of command line interpreter (e.g. Bash) Programing in Java language |
| Basics of program development skills Knowledge of Linux operating system Knowledge of command line interpreter (e.g. Bash) Programing in Java language |
| learning outcomes |
|---|
| Describe the issue of security policies |
| Describe the issue of security policies |
| Explain the principles of the potential threat model |
| Explain the principles of the potential threat model |
| Describe what belongs to the set of secure objects |
| Describe what belongs to the set of secure objects |
| Explain the confidentiality principle, the integrity principle and the availability principle |
| Explain the confidentiality principle, the integrity principle and the availability principle |
| Describe the theoretical framework related to attacks on operating systems |
| Describe the theoretical framework related to attacks on operating systems |
| Skills |
|---|
| Identify security issues arising from inconsistencies in rules |
| Identify security issues arising from inconsistencies in rules |
| Give examples of what needs to be included in a model of potential threats |
| Give examples of what needs to be included in a model of potential threats |
| Identify security issues related to untreated inputs |
| Identify security issues related to untreated inputs |
| Identify security issues related to local attacks on operating systems |
| Identify security issues related to local attacks on operating systems |
| Identify security issues related to malware attacks on operating systems |
| Identify security issues related to malware attacks on operating systems |
| teaching methods |
|---|
| Knowledge |
|---|
| Exercises on PC |
| Exercises on PC |
| Lecturing |
| Lecturing |
| assessment methods |
|---|
| Written examination |
| Written examination |
|
Recommended literature
|
-
JAEGER, Trent. Operating system security. CA: Morgan & Claypool Publishers, 2008. ISBN 9781598292121.
-
OULEHLA, Milan a Roman JAŠEK. Moderní kryptografie průvodce světem šifrování. Praha: IFP Publishing s.r.o., 2017. ISBN 978-80-87383-67-4.
-
SILBERSCHATZ, Abraham., Peter B. GALVIN a Greg. GAGNE. Operating system concepts. New York: Wiley, 2013. ISBN 978-1-118-06333-0.
-
STALLINGS, William a Lawrie BROWN. Computer security: principles and practice. Boston: Pearson, 2015. ISBN 978-0133773927.
-
STALLINGS, William. Operating systems: internals and design principles. Boston: Pearson, 2015. ISBN 978-0133805918.
|