IT SecurityLaajuus (5 cr)

Objective

The student is familiar with general aspects of information security:
Risk assessment and security management, Security mechanisms, User authentication and access control, Security algorithms, protocols and standards

Content

Definition of information security and information security process. Security requirements, risk analysis and information protection mechanisms. Risk assesment. Introduction to cryptography; symmetric and asymmetric encryption. Certificates and digital signatures. Building up secure information systems.

Assessment criteria, satisfactory (1)

The student knows the basic concepts of information security. He/she also knows elementary threats to information systems. He/she knows why encryption and digital signature are needed.

Assessment criteria, good (3)

The student knows how threats can be reduced using different security mechanisms.

Assessment criteria, excellent (5)

The student knows the principles of risk analysis. He/she knows also how encryption mechanisms work and how digital signature is implemented. He/she understands how simple authentication protocols work.

Assessment criteria, approved/failed

The student knows the basic concepts of information security. He/she also knows elementary threats to information systems. He/she knows why encryption and digital signature are needed.