Students learn about the application of techniques and methods for the protection of data.

Knowledge of methods and technologies for data protection. The studenta are able to use cryptographic methods and technologies, create a software for data protection in electronic business system, design and implement mechanisms for authentication and access control.

Cryptography: introduction, basic concepts, cryptographic protocols, algorithms, digital signatures, digital certificates. Symmetric and asymmetric encryption algorithms, hash functions, key exchange. Cryptographic standards. PKI infrastructure: key management, establishment of PKI, certificate authorities, hierarchy of certificate authorities. Security of XML documents: digital signatures, encryption, web services security. Smart card technology: organization, standards and use. Application of security concepts at the level of operating systems, databases, and computer networks. Authentication: single-factor authentication, two-factor authentication, passwords, challenge-response principle, attacks, Kerberos, HTTP authentication. Access control: concepts, elements, policies, mechanisms and models of access control. Threat modeling.

Lectures. Computer practice. Consultations. The examination is oral. The final grade is formed on the basis of achievement in the laboratory practice classes and oral examination.