Integrated Systems of Authorized Access

Major: Information Security Systems and Automation of Information Processing
Code of subject: 7.125.02.O.004
Credits: 4.00
Department: Information Security
Lecturer: Ph.D., Associate Professor Harasymchuk O.I.
Semester: 1 семестр
Mode of study: денна
Learning outcomes: • know the principles of building a comprehensive system of authorized access; • know the principles of operation of autonomous, measuring and universal systems of authorized access. • choose effective methods and means of implementing authorized access systems; • apply coordination of the designed means of authorized access among themselves and with the help of active activity of the organization; • content to restore the current regulatory framework in the design of the system of authorized access to facilities; • content to correctly assess the potential threats to information security of the object. • knowledge of the main models of vulnerabilities, threats and attacks to justify options for involving an automated information security monitoring system for information and communication systems and its main components; • involvement of standard approaches and methodologies in the design and modernization of protected objects of information activities in accordance with the regulatory requirements of current standards and specifications; • possession of legal and scientific-organizational bases of licensing, attestation and certification of objects of information protection; • involvement of standard approaches and methodologies in the design and modernization of protected objects of information activities in accordance with the regulatory requirements of current standards and specifications.
Required prior and related subjects: • Methods and means of technical protection of information, • Regulatory and legal provisions, standards and information policy. and cyber security.
Summary of the subject: Introduction. Terms. The content of the discipline. Legislative, scientific and normative-methodological base. Fundamentals of building a comprehensive system of authorized access. Analysis of possible threats to information security. General provisions on automated access control systems. The main components of ASUD. Requirements for the functional characteristics of the ACS. Methods and means of identification of persons. Hardware identification. General concepts of biometric identification. Types of biometric identification. Implementation of access control systems.
Assessment methods and criteria: • written reports on laboratory work, oral examination, reference work (25%); • final control (75 %, control measure, exam): written-oral form (75%).
Recommended books: 1. Harasymchuk OI, Dudykevych VB, Romaka VA, Integrated systems of authorized access. Tutorial. - Lviv, NULP, 2010, 207 p. 2. Laws of Ukraine: "On information", "On protection of information in automated systems", "On scientific and technical information", "On state secrets". 3. Cyber Security Strategy of Ukraine, 2016 4. Antonyuk AO Fundamentals of information security in automated systems. Textbook.-NU "Kyiv-Mohyla Academy", 2003, 242 p. 5. Bogush VM Information security of the state / V.M. Bogush, OK Yudin - K. “MK-Press”, 2005. - 432 p. 6. Dudykevych, VB Fundamentals of information security: textbook. pos. / Dudykevych VB, Khoroshko VO, Yaremchuk YE - Vinnytsia: VNTU, 2018. - 316 p. 7. Koneev IR Information security of the enterprise / Koneev IR, Belyaev AV - СПб .: “БХВ-Петербург”, 2003. - 752 .: ил. 8. Samokhvalov YA, Temnikov VO, Khoroshko VO Organizational and technical support of information protection. Tutorial. - K., NAU, 2002, 207 p. 9. Buryachok VL Fundamentals of information and cyber security. [Tutorial]. / VL Buryachok, RV Kirichok, PM Folding - K., 2018. - 320 p.

Integrated Systems of Authorized Access (курсовий проект)

Major: Information Security Systems and Automation of Information Processing
Code of subject: 7.125.02.O.007
Credits: 3.00
Department: Information Security
Lecturer: Ph.D., Associate Professor Harasymchuk O.I.
Semester: 1 семестр
Mode of study: денна
Learning outcomes: • know the principles of building a comprehensive system of authorized access; • know the principles of operation of autonomous, measuring and universal systems of authorized access. • choose effective methods and means of implementing authorized access systems; • apply coordination of the designed means of authorized access among themselves and with the help of active activity of the organization; • content to restore the current regulatory framework in the design of the system of authorized access to facilities; • content to correctly assess the potential threats to information security of the object. • knowledge of the main models of vulnerabilities, threats and attacks to justify options for involving an automated information security monitoring system for information and communication systems and its main components; • involvement of standard approaches and methodologies in the design and modernization of protected objects of information activities in accordance with the regulatory requirements of current standards and specifications; • possession of legal and scientific-organizational bases of licensing, attestation and certification of objects of information protection; • involvement of standard approaches and methodologies in the design and modernization of protected objects of information activities in accordance with the regulatory requirements of current standards and specifications.
Required prior and related subjects: • Methods and means of technical protection of information, • Regulatory and legal provisions, standards and information policy. and cyber security.
Summary of the subject: In the process of studying the discipline it is necessary to develop a project of a comprehensive system of authorized access of the enterprise, which circulates information with limited access (IOS). The adjacent territory of the enterprise, the premises, the specifics of its use by the staff, the list of basic and auxiliary technical means of processing, transmission and reception of information are given in table 1 of the guidelines and are selected according to the option. Changes are allowed in the choice of the object of protection, at the request of the student, which must be agreed with the teacher. The ultimate goal of the implementation of the CP: analysis of the object, possible threats, leakage channels, the choice of security policy and the development of a comprehensive system of authorized access.
Assessment methods and criteria: Protectoin course project 100%
Recommended books: 1. Harasymchuk OI, Dudykevych VB, Romaka VA, Integrated systems of authorized access. Tutorial. - Lviv, NULP, 2010, 207 p. 2. Development of a comprehensive system of authorized access at the enterprise. Methodical instructions for course work on the course "Integrated systems of authorized access", // Encl. Harasymchuk OI, Romaka VA - Lviv: Lviv Polytechnic National University Publishing House - 2020, Register №19114. 3. Laws of Ukraine: "On Information", "On Protection of Information in Automated Systems", "On Scientific and Technical Information", "On State Secrets". 4. Cyber Security Strategy of Ukraine, 2016 5. Antonyuk AO Fundamentals of information security in automated systems. Textbook.-NU "Kyiv-Mohyla Academy", 2003, 242 p. 6. Bogush VM Information security of the state / V.M. Bogush, OK Yudin - K. “MK-Press”, 2005. - 432 p. 7. Dudykevych, VB Fundamentals of information security: textbook. pos. / Dudykevych VB, Khoroshko VO, Yaremchuk YE - Vinnytsia: VNTU, 2018. - 316 p. 8. Koneev IR Information security of the enterprise / Koneev IR, Belyaev AV - СПб .: “БХВ-Петербург”, 2003. - 752 .: ил. 9. Samokhvalov YA, Temnikov VO, Khoroshko VO Organizational and technical support of information protection. Tutorial. - K., NAU, 2002, 207 p. 10. Buryachok VL Fundamentals of information and cyber security. [Tutorial]. / VL Buryachok, RV Kirichok, PM Folding - K., 2018. - 320 p.