Application & Database Security

Major: Security of Information and Communication Systems
Code of subject: 7.125.01.M.016
Credits: 5.00
Department: Information Technology Security
Lecturer: Professor Olena Nyemkova
Semester: 2 семестр
Mode of study: денна
Learning outcomes: 1. Kn 1. Possession of sufficient knowledge in the fields related to information technology, cybersecurity, information security, will allow to critically analyze the situation in these fields and identify key trends in their development. 2. Kn 8. Knowledge of basic approaches to the organization of standard complexes and means of information protection in information and communication systems. 3. Kn 9. Knowledge of basic models of vulnerabilities, threats, and attacks to justify options for building an automated information security monitoring system for information and communication systems and its main components. 4. Kn 13. Possession of standard approaches and methodologies to the design and modernization of protected objects of information activities in accordance with the regulatory requirements of applicable standards and specifications. 5. Sk 3. Ability to perform analysis of risks and sources of threats, to develop a model of threats, to develop a model of the violator. 6. Sk 12. To substantiate and implement systems of protection of distributed information resources in information and communication systems. 7. COM 2. Ability to use a variety of methods, including modern information technology, for effective communication at the professional and social levels. 8. AiV 3. Ability to be responsible for the work performed, to make decisions independently, to achieve the goal in compliance with the requirements of professional ethics.
Required prior and related subjects: Databases Cryptographic protocols Computer networks
Summary of the subject: The discipline forms an idea of ??the methods, tools, and technologies for the security of storage, processing, and extraction of data, entrusted to database management systems - DBMS. Issues related to all three aspects of information security are considered: confidentiality, integrity, and accessibility in relation to database management systems. Most of the emphasis is on relational databases that meet the requirements of industrial information systems for data integrity and consistency. Examples are given for the two most popular relational databases today - Microsoft SQL Server and Oracle Database Server, respectively, in T-SQL and PL / SQL. Also included are issues of parallel data processing and the operation of distributed systems. Approaches based on role access are considered to protect intelligent information processing systems (knowledge systems).
Assessment methods and criteria: The following methods are used to diagnose knowledge: oral individual interview at each laboratory lesson, individual defense of laboratory reports; credit test at the end of the semester. The maximum score in points: 100, in particular: Execution and defense of laboratory work: 50, credit control: 50.
Recommended books: 1. Smirnov S.N. Security of database systems. - M .: Helios ARV, 2007. - 352 p. 2. Polyakov A.M. Oracle security through the eyes of the auditor: attack and defense. - M .: DMK Press, 2014. - 336 p. 3. Date K. J. Introduction to database systems. - M .: Williams, 2008. - 1315 p. 4. Petkovich D. Microsoft ® SQL Server ™ 2012. Beginner's Guide: Per. from English - StP .: BVH- Peterburg, 2013. - 816 p.