Information security

Objectives and competences

The objective of the course is to present the basic concepts of information security to students. The key ingredients are computer information security, security risk analysis and mitigation, and the establishment of information security policy and procedures.

Prerequisites

Fluency in English or Slovene, and basic knowledge of computer and information science.

Content

  1. Introduction
    • The goal and purpose of the course
    • Course materials and method of work
    • Study guide

  2. Security of information systems
    • Information security concepts
    • Threats, vulnerabilities and risks
    • Typical attacks on information systems

  3. Basic concepts of cryptography
    • Cryptography basics
    • Symmetric and asymmetric cryptography
    • Hash functions and their applications
    • Cryptographic protocols
    • Digital signature

  4. Authorisation and access control
    • Management and implementation of access control
    • Firewall
    • Intrusion detection system

  5. Network security
    • Basic concepts of network security
    • Protection in different types of network
    • VPN networks and anonymisation

  6. Information security legislation and cybercrime
    • Cybercrime in criminal code
    • Information Security Act
    • Common forms of cybercrime
    • Intelligence hacking and cyberterrorism
    • History of cybercrime in Slovenia

  7. Information security policy
    • Managing security policies and standards
    • Design and implementation of security solutions
    • Cyber resilience planning

  8. Advanced techniques of attacks on information systems
    • Attacks on random-access memory
    • TEMPEST attack
    • Hardware rootkits

Intended learning outcomes

The students will learn about the basics of computer information security. They will acquire knowledge about standards from the field. They will know how to perform information security risk analysis and how to set up a system for information security based on policies.

Readings

  • Matej Kovačič. 2022. Crash course on cybersecurity: a manual for surviving in a networked world. ISBN: 978-961-7025-24-8 (PDF).
  • Stallings, William, and Brown, Lawrie. Computer Security: Principles and Practice, 5th Edition, Pearson Education, 2024.
  • Kim, David, and Solomon, Michael G. Fundamentals of Information Systems Security, 4th Edition, Jones & Bartlett Learning, LLC, 2023.
  • Katz, Jonathan, and Lindell, Yehuda. Introduction to Modern Cryptography, 3rd Edition, CRC Press, 2021.

Assessment

Written exam 80%, seminar work 20%

Lecturer's references

Dr. Samed Bajrić is a Research Associate at the Laboratory for Open Systems and Networks of the Jožef Stefan Institute. His research interests include cryptology, with particular focus on symmetric-key cryptography, where he works on the design and analysis of cryptographic Boolean functions, which are a fundamental building block in ensuring the security and robustness of cryptographic systems. In addition, he focuses on the impact of quantum technologies on existing security protocols and the use of (post-) quantum solutions to provide more secure communication systems.

Selected bibliography

BAJRIĆ, Samed. Enabling secure and trustworthy quantum networks: current state-of-the-art, key challenges, and potential solutions. IEEE Access. 2023, vol. 11, pp. 128801-128809.
BAJRIĆ, Samed. On a class of bent, near-bent, and 2-plateaued functions over finite fields of odd characteristic. AIMS Mathematics. 2022, vol. 7, no. 2, pp. 1971-1981.
BAJRIĆ, Samed. Data security and privacy issues in healthcare. Applied Medical Informatics. 2020, vol. 42, no. 1, pp. 19-27. ISSN 2067-7855.
POTT, Alexander, PAŠALIĆ, Enes, MURATOVIĆ-RIBIĆ, Amela, BAJRIĆ, Samed. On the maximum number of bent components of vectorial functions. IEEE Transactions on Information Theory. Jan. 2018, vol. 64, no. 1, pp. 403-411.