Integrated Systems of Authorized Access

Major: Administration of Cybersecurity Systems
Code of subject: 7.125.04.O.004
Credits: 4.00
Department: Information Security
Lecturer: Ph.D., Associate Professor Harasymchuk O.I.
Semester: 1 семестр
Mode of study: денна
Мета вивчення дисципліни: The purpose of studying this discipline is to impart to the student knowledge of the theoretical foundations and methods of designing complex systems of authorized access. The study of the discipline is necessary for the formation of ideas about the design and functioning of complex systems of authorized access to the information resources of the object, methods and methods of identification of persons, organization and legal regulation of the activity of the security service of the object. The subject teaches the student to build a complex system of authorized access as a component of a complex information protection system.
Завдання: – Ability to develop, implement and analyze regulatory documents, provisions, instructions and requirements of technical and organizational direction, as well as integrate, analyze and use the best global practices, standards in professional activities in the field of information security and/or cyber security. – Ability to research, develop and support methods and means of information security and/or cyber security at objects of information activity and critical infrastructure. – The ability to analyze, control and provide a management system for access to information resources in accordance with the established strategy and policy of information security and/or cyber security of the organization.
Learning outcomes: – Analyze and evaluate the security of systems, complexes and means of cyber protection, technology of creation and use of specialized software. - Research, develop and support systems and means of information security and/or cyber security at objects of information activity and critical infrastructure. - Analyze, monitor and ensure the effective functioning of the information resources access management system in accordance with the established information security and/or cyber security strategy and policy of the organization. - Set and solve complex engineering, applied and scientific problems of information security and/or cyber security, taking into account the requirements of domestic and international standards and best practices.
Required prior and related subjects: • Methods and means of technical protection of information, • Regulatory and legal provisions, standards and information policy. and cyber security.
Summary of the subject: This discipline provides students with the necessary knowledge to effectively build a complex system of authorized access, as well as manage the process of protecting information during the functioning of the security system. Acquaints students with the basics of building a complex system of authorized access, basic methods and means of identification of persons and principles of implementation of access control systems.
Опис: Introduction. Terms. The content of the discipline. Legislative, scientific and normative-methodological base. Fundamentals of building a comprehensive system of authorized access. Analysis of possible threats to information security. General provisions on automated access control systems. The main components of AACS. Requirements for the functional characteristics of the AACS. Methods and means of identification of persons. Hardware identification. General concepts of biometric identification. Types of biometric identification. Implementation of access control systems.
Assessment methods and criteria: • written reports on laboratory work, oral examination, reference work (25%); • final control (75 %, control measure, exam): written-oral form (75%).
Критерії оцінювання результатів навчання: Practical works - 25 points; Examination control: - written component - 65 points; - oral component - 10 points; Total for the discipline - 100 points.
Recommended books: 1. Garasymchuk O.I., Dudykevich V.B., Romaka V.A., Complex systems of authorized access. Tutorial. - Lviv, NULP, 2010, 207 p. 2. Laws of Ukraine: "On information", "On protection of information in automated systems", "On scientific and technical information", "On state secrets". 3. Antoniuk A.O. Fundamentals of information protection in automated systems. Study guide.-NU "Kyiv-Mohyla Academy", 2003, 242 p. 4. Bogush V.M. Information security of the state / V.M. Bogush, O.K. Yudin - K. "MK-Press", 2005. - 432 p. 5. Dudykevich, V. B. Basics of information security: teaching. village / Dudykevich V.B., Khoroshko V.O., Yaremchuk Yu.E. – Vinnytsia: VNTU, 2018. – 316 p. 6. Samokhvalov Yu.A., Temnikov V.O., Khoroshko V.O. Organizational and technical support for information protection. Tutorial. - K., NAU, 2002, 207 p. 7. Buryachok V. L. Fundamentals of information and cyber security. [Tutorial]. / V. L. Buryachok, R. V. Kyrychok, P. M. Skladannyi - K., 2018. - 320 p.

Integrated Systems of Authorized Access (курсовий проект)

Major: Administration of Cybersecurity Systems
Code of subject: 7.125.04.O.007
Credits: 3.00
Department: Information Security
Lecturer: Ph.D., Associate Professor Harasymchuk O.I.
Semester: 1 семестр
Mode of study: денна
Мета вивчення дисципліни: The purpose of studying this discipline is to impart to the student knowledge of the theoretical foundations and methods of designing complex systems of authorized access. The study of the discipline is necessary for the formation of ideas about the design and functioning of complex systems of authorized access to the information resources of the object, methods and methods of identification of persons, organization and legal regulation of the activity of the security service of the object. The subject teaches the student to build a complex system of authorized access as a component of a complex information protection system.
Завдання: integral competence: The ability of a person to solve tasks of a research and/or innovative nature in the field of information security and/or cyber security general competences: The ability to evaluate and ensure the quality of the work performed. professional competences: - Ability to develop, implement and analyze regulatory documents, provisions, instructions and requirements of technical and organizational direction, as well as integrate, analyze and use the best global practices, standards in professional activities in the field of information security and/or cyber security. - Ability to research, develop and support methods and means of information security and/or cyber security at objects of information activity and critical infrastructure. - The ability to analyze, control and provide a management system for access to information resources in accordance with the established strategy and policy of information security and/or cyber security of the organization.
Learning outcomes: - Communicate freely in national and foreign languages, orally and in writing, to present and discuss the results of research and innovation, ensuring business/operational processes and issues of professional activity in the field of information security and/or cyber security. - Conduct research and/or innovative activities in the field of information security and/or cyber security, as well as in the field of technical and cryptographic protection of information in cyberspace. – Analyze and evaluate the security of systems, complexes and means of cyber protection, technology of creation and use of specialized software. - Research, develop and support systems and means of information security and/or cyber security at objects of information activity and critical infrastructure. - Analyze, monitor and ensure the effective functioning of the information resources access management system in accordance with the established information security and/or cyber security strategy and policy of the organization. - Set and solve complex engineering, applied and scientific problems of information security and/or cyber security, taking into account the requirements of domestic and international standards and best practices.
Required prior and related subjects: • Methods and means of technical protection of information, • Regulatory and legal provisions, standards and information policy. and cyber security.
Summary of the subject: This discipline provides students with the necessary knowledge to effectively build a complex system of authorized access, as well as manage the process of protecting information during the functioning of the security system. Acquaints students with the basics of building a complex system of authorized access, basic methods and means of identification of persons and principles of implementation of access control systems.
Опис: In the process of studying the discipline it is necessary to develop a project of a comprehensive system of authorized access of the enterprise, which circulates information with limited access (IOS). The adjacent territory of the enterprise, the premises, the specifics of its use by the staff, the list of basic and auxiliary technical means of processing, transmission and reception of information are given in table 1 of the guidelines and are selected according to the option. Changes are allowed in the choice of the object of protection, at the request of the student, which must be agreed with the teacher. The ultimate goal of the implementation of the CP: analysis of the object, possible threats, leakage channels, the choice of security policy and the development of a comprehensive system of authorized access.
Assessment methods and criteria: Protectoin course project 100%
Критерії оцінювання результатів навчання: Verification of the completion of the course project - 50 points; Oral survey - 50 points; Total for the discipline - 100 points.
Recommended books: 1. Harasymchuk OI, Dudykevych VB, Romaka VA, Integrated systems of authorized access. Tutorial. - Lviv, NULP, 2010, 207 p. 2. Development of a comprehensive system of authorized access at the enterprise. Methodical instructions for course work on the course "Integrated systems of authorized access", // Encl. Harasymchuk OI, Romaka VA - Lviv: Lviv Polytechnic National University Publishing House - 2020, Register №19114. 3. Laws of Ukraine: "On Information", "On Protection of Information in Automated Systems", "On Scientific and Technical Information", "On State Secrets". 4. Cyber Security Strategy of Ukraine, 2016 5. Antonyuk AO Fundamentals of information security in automated systems. Textbook.-NU "Kyiv-Mohyla Academy", 2003, 242 p. 6. Bogush VM Information security of the state / V.M. Bogush, OK Yudin - K. “MK-Press”, 2005. - 432 p. 7. Dudykevych, VB Fundamentals of information security: textbook. pos. / Dudykevych VB, Khoroshko VO, Yaremchuk YE - Vinnytsia: VNTU, 2018. - 316 p. 8. Koneev IR Information security of the enterprise / Koneev IR, Belyaev AV - СПб .: “БХВ-Петербург”, 2003. - 752 .: ил. 9. Samokhvalov YA, Temnikov VO, Khoroshko VO Organizational and technical support of information protection. Tutorial. - K., NAU, 2002, 207 p. 10. Buryachok VL Fundamentals of information and cyber security. [Tutorial]. / VL Buryachok, RV Kirichok, PM Folding - K., 2018. - 320 p.