Information Protection in Communication Channels
Major: Cyber Security
Code of subject: 8.125.00.M.013
Department: Information Security
Lecturer: Mykytyn Halyna Vasylivna - DSc, prof., prof. Department of Information Protection
Semester: 2 семестр
Mode of study: денна
Завдання: The study of an academic discipline involves the formation and development of competencies in graduate students: general: – the ability and ability to integrate knowledge of the studied subject area with international achievements; - the ability to produce new ideas, to show creativity and the ability to think systematically; - the ability to apply the analysis and synthesis of the elements of the researched problem and, on this basis, to develop approaches and new concepts for solving the scientific problems; - the ability to effectively use various theories in the field of information technology and cyber security in practice, and on this basis, the ability to solve the tasks and make appropriate management decisions; - the ability to conduct scientific research, justifying: information resources, models and mechanisms of the experiment, instrumental means of implementation; - the ability to purposefully and professionally interact with international specialists in information technologies and cyber security in accordance with programs and projects of integration into the global information space; professional: - the ability to substantiate the methodology and criteria for the selection of scientific methods to ensure information security and protection of information of research objects; - the ability to develop complex information protection systems in the communication channels of wireless technologies, in particular, the communication environment of cyber-physical systems based on the structure: threat model - offender model - protection model; - the ability to evaluate the compliance of developed information protection systems in communication channels with their purpose in accordance with the requirements of current standards.
Learning outcomes: The learning outcomes of this discipline detail the following program learning outcomes: 1. The ability to demonstrate in-depth knowledge in the fields related to information technologies, cyber security, information security and to determine strategic trends in their development; 2. Ability to demonstrate in-depth knowledge of innovative technologies in the field of information technology and cyber security; 3. Ability to demonstrate in-depth knowledge of scientific methodologies, approaches, principles, current national and international standards that form the basis of cyber security and information technologies; 4. Ability to demonstrate in-depth knowledge of domestic and international levels in the field of protection of communication technologies; 5. Apply acquired knowledge in various subject areas and at the interdisciplinary level in accordance with the object, subject and methods of scientific research; 6. To justify the selection criteria - methodologies, theories, models, methods and means of research in order to solve scientific problems at the theoretical-experimental level in the relevant subject area; 7. Carry out mathematical modeling of the complex system of information protection in the communication channels of wireless technologies in the software environment based on the mathematical model "threat - protection" and the corresponding method of creating an information protection system; 8. Conduct scientific research in connection with the determination of: relevance of the problem, goals and tasks, scientific novelty and practical value, obtained scientific results and conclusions.
Required prior and related subjects: Security of cloud technologies Mathematical and computer modeling in scientific research
Summary of the subject: Within the framework of the discipline, the following are considered: 1. conceptual approaches to information protection in cellular and satellite communication technologies at the physical, channel, network, and system levels, which reveal technologies, methods, and means of information protection at the level of the “object – threat – protection – protection management” model; 2. system security model of wireless communication technologies GSM, CDMA, WiMAX, LTE at the level of "system - signal - channel - path" models, threats, protection - protection management, which is the basis for creating complex information protection systems; 3. cyber-physical systems security strategy, which ensures secure interaction of levels (cybernetic space, communication environment, physical space) and components of the corresponding level in order to ensure information protection profiles: confidentiality – integrity – availability – observability – guarantee; 4. a complex system of security of information networks, as one of the segments of the communication environment of the CFS according to the OSI levels according to the structure: topology - threat - threat implementation - protection - regulatory support; 5. matrix method of building a comprehensive system of information protection in communication channels of wireless technologies; application of the algorithm of symmetric block encryption of information in wireless communication channels according to DSTU 7624: 2014.
Опис: Known approaches to information protection in wireless communication technologies. The structure of the communication environment of cyber-physical systems and approaches to information protection. Methods and means of information protection in cellular communication technologies: GSM, ADS (D-AMPS), JDS, DECT Methods and means of information protection in UMTS, CDMA cellular communication technologies A conceptual approach to information protection in VSAT, DVB satellite communication technologies: the "threat - protection" model at the physical, channel, network, and system levels The system security model of GSM, CDMA, WiMAX, LTE wireless communication technologies: the "object - threat - protection - protection management" model. Security strategy of cyber-physical systems (CFS) and integrated security system (CSS) of the communication environment on the example of wireless communication technologies and information networks. KSB of wireless communication technologies based on the concept "object - threat - protection"; STRIDE techniques; security profiles, regulatory support. KSB of information networks based on the OSI model. Matrix method of creating a complex information protection system in wireless communication channels. Encryption/decryption of information in wireless communication channels based on the Kalina block algorithm.
Assessment methods and criteria: Methods of knowledge diagnosis The method of diagnosing a graduate student's knowledge is an individual research task (R&D), which covers the main issues of the academic discipline, allows the graduate student to systematically approach the creation of a complex system of information protection in communication channels. The purpose of NDZ is to analyze information threats in wireless communication channels and protection technologies and, on this basis, create a complex security system using the matrix method. The total volume of NDZ is 20 pages. text The text part of an individual NDZ includes: title page, table of contents, main part, list of references.
Критерії оцінювання результатів навчання: The maximum score is 100 points Current control (PC) – 35 points 1. Laboratory classes - 25 2. Test control – 10 Examination control - 65 points Written component -60 points Oral component – 5 points
Порядок та критерії виставляння балів та оцінок: 100–88 points – (“excellent”) is awarded for a high level of knowledge (some inaccuracies are allowed) of the educational material of the component contained in the main and additional recommended literary sources, the ability to analyze the phenomena being studied in their interrelationship and development, clearly, succinctly, logically, consistently answer the questions, the ability to apply theoretical provisions when solving practical problems; 87–71 points – (“good”) is awarded for a generally correct understanding of the educational material of the component, including calculations, reasoned answers to the questions posed, which, however, contain certain (insignificant) shortcomings, for the ability to apply theoretical provisions when solving practical tasks; 70 – 50 points – (“satisfactory”) awarded for weak knowledge of the component’s educational material, inaccurate or poorly reasoned answers, with a violation of the sequence of presentation, for weak application of theoretical provisions when solving practical problems; 49-26 points - ("not certified" with the possibility of retaking the semester control) is awarded for ignorance of a significant part of the educational material of the component, significant errors in answering questions, inability to apply theoretical provisions when solving practical problems; 25-00 points - ("unsatisfactory" with mandatory re-study) is awarded for ignorance of a significant part of the educational material of the component, significant errors in answering questions, inability to navigate when solving practical problems, ignorance of the main fundamental provisions.
Recommended books: Recommended Books Basic 1. V. B. Dudykevich Protection of telephone communication means and channels: Training manual / V. B. Dudykevich, V. V. Khoma, L. T. Parkhuts. – L.: Publishing House of Lviv Polytechnic, 2012. – 210 p. 2. Dudykevich V. B., Maksymovich V. N., Mykytin G. V. Development of conceptual foundations of security in information and communication technologies / Information technologies and information protection in information and communication systems: monograph / edited by. V.S. Ponomarenko. – Kh.: Published by Shchedra Sadiba Plus LLC, 2015. – P. 112–126. 3. Dudykevich V. B., Maksimovich V. N., Mykytin G. V. Security strategy of cyber-physical systems / Information technologies and information protection in information and communication systems: monograph / editor. V. S. Ponomarenko. – Kh.: Type of Shchedra Sadiba Plus LLC. – 2016. – P. 286 – 300. 4. V. B. Dudykevich Wireless sensor networks ZigBee, Wi-Fi and Bluetooth in cyber-physical systems: the concept of "object - threat - protection" based on the OSI model / V. B. Dudykevich, G. V. Mykytin, A. I. Rebets, M. V. Melnyk // Information processing systems. – 2019. – P. 114 – 120. Auxiliary 1. Information technology. Security techniques. Evaluation criteria for IT security. Part 1–3: ISO/IEC 15408-1:2009, ISO/IEC 15408-2:2008, ISO/IEC 15408-3:2008. – [Active from 2009.01.01]. – Switzerland: ISO copyright office, 2009. – 56, 161, 150 p. 2. The procedure for the creation of a comprehensive information protection system in the information and telecommunications system: ND TZI 3.7-003-05. – [Effective from 2005-11-08]. - K.: DSTSZI SB of Ukraine, 2005. - 16 p. – (Regulatory document of the system of technical protection of information). 3. Information processing systems. Interconnection of open systems. Basic reference model. Part 2. Architecture of information protection. DSTU ISO 7498-2:2004. – [Effective from 2006-04-01]. - K.: Derzhspozhivstandard of Ukraine, 2006 - 44 p. 4. Information technologies. Cryptographic protection of information. Algorithm of symmetric block transformation: DSTU 7624: 2014. – [Effective from 2015-07-01]. - K: Derzhspozhivstandart, 2016. - 117 p. Educational and methodological support 1. Construction of complex information technology security systems for management tasks based on the concept "object - threat - protection": Methodological guidelines and tasks for independent work of students from the course "Automation of information processing with limited access" and "Automated information processing systems with limited access" access" by specialty: 7.17010201 "Systems of technical protection of information, automation of its processing" / Acc.: V. B. Dudykevich, V. M. Maksymovych, G. V. Mykytin. - Lviv: NU "LP", 2015. - 110 p. Information resources 1. Work program on the discipline "Protection of information in communication channels" for the specialty 125. Cyber security, specializations 02. Systems of technical protection of information, automation of its processing / Acc.: Mykytin G.V. - Lviv: NU "LP". - 2022. - 9 p. // Virtual learning environment of "Lviv Polytechnic": http://vns.lpnu.ua/course/view.php?id=4327#section-0 2. The concept of technical information protection in Ukraine. Resolution of the Cabinet of Ministers of Ukraine "On Approval of the Concept of Technical Protection of Information in Ukraine" dated October 8, 1997 No. 1126. The latest version dated October 13, 2011. - [Electronic resource]. – Access mode: http://zakon4.rada.gov.ua/laws/show/1126-97-%D0%BF,415 3. Doctrine of information security of Ukraine. Decree of the President of Ukraine dated 07/08/2009 No. 514/2009 // Official Gazette of Ukraine. – 2009. – No. 52. – P. 7. – [Electronic resource]. – Access mode: http://zakon1.rada.gov.ua/cgi-bin/laws/main.cgi?nreg=514%2F2009 4. Law of Ukraine "On Information Protection in Information and Telecommunication Systems" dated 07.05.1994 No. 80/94-VR. The latest edition is dated 03/02/2014. - [Electronic resource]. – Access mode: http://zakon2.rada.gov.ua/laws/show/80/94-%D0%B2%D1%80 5. Project of Cyber Security Strategy of Ukraine. - [Electronic resource]. – Access mode: http://www.niss.gov.ua/public/File/2013_nauk_an_rozrobku/kiberstrateg.pdf
Уніфікований додаток: Lviv Polytechnic National University ensures the realization of the right of persons with disabilities to obtain higher education. Inclusive educational services are provided by the Service of accessibility to learning opportunities "Without restrictions", the purpose of which is to provide permanent individual support for the educational process of students with disabilities and chronic diseases. An important tool for the implementation of the inclusive educational policy at the University is the Program for improving the qualifications of scientific and pedagogical workers and educational and support staff in the field of social inclusion and inclusive education. Contact at: St. Karpinsky, 2/4, 1st floor, room 112 E-mail: firstname.lastname@example.org Websites: https://lpnu.ua/nolimits https://lpnu.ua/integration
Академічна доброчесність: The policy regarding the academic integrity of the participants of the educational process is formed on the basis of compliance with the principles of academic integrity, taking into account the norms "Regulations on academic integrity at the Lviv Polytechnic National University" (approved by the academic council of the university on June 20, 2017, protocol No. 35).