Ensuring Security and Privacy

The main objective of the course is to present the basic concepts of information security, where the emphasis is on the protection of information systems, in particular educational information systems, against various threats, managing security risks and ensuring compliance of these systems with privacy protection regulations.
Students will acquire the following competences:

• Understand the concept of educational information system protection against threats;

• Security risk management and provision of compliance of these systems with regulations in the filed of privacy protection.

Basic knowledge of computer and information science is assumed.

1. Introduction
   • The goal and purpose of the course
   • Course materials and method of work
   • Required and additional literature
   • Study guide

2. Privacy
   • The concept of privacy and the right to pri-vacy
   • Protection of personal data in the area of education

3. Information security basics
   • Threats to information security
   • Cybercrime
   • Concepts and basic technologies for the protection of information systems
   • Cryptography basics
   • Security risks analysis and management
   • Ensuring compliance with educational in-formation systems with privacy protection regulations

• Students will be familiar with the key con-cepts and basic technologies for protecting in-formation systems.

• Students will know how to perform infor-mation security risk analysis and how to set up a system for information security compliance based on policies.

• Students will be able to ensure the compli-ance of educational information systems with privacy protection regulations.

• Layton, T.P. (2007). Information Security: Design, Implementation, Measurement, and Compliance. Boca Raton, Auerbach publications, 2007.
• Bishop, M. (2003). Computer Security, Art and Science, AddisonaWesley, 2003. Pfleeger, C.F. E-version
• Kovačič, M. (2006). Nadzor in zasebnost v informacijski družbi : filozofski, sociološki, pravni in tehnični vidiki nadzora in zasebnosti na internetu. Fakulteta za družbene vede, 2006. E-version
• Schneier, B. (2003). Beyond Fear. Copernicus Books, 2003. Catalogue E-version
• Schneier, B. (2015). Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. W. W. Norton & Company, 2015. E-version
• Schneier, B. (2012). Liars and Outliers: Enabling the Trust that Society Needs to Thrive. Wiley, 2012. E-version

• Interim presentations • Final exam

Bojan Cestnik is the general manager of software company Temida and a researcher in the de-partment of Knowledge technologies at Jozef Stefan Institute in Ljubljana. He obtained his PhD in Computer Science form the University of Ljubljana. His professional and research interests in-clude knowledge based information systems, business process modeling, decision support sys-tems and machine learning. His research work was presented at several international confer-ences. He has been responsible for several large-scale software development and maintenance projects for supporting business operations where also ensuring internet security is important.

Selected bibliography:

CESTNIK, Bojan, BOHANEC, Marko, URBANČIČ, Tanja. QTvity: Advancing Students’ Engagement during Lectures by Using Mobile Devices. International conference on Computer Systems and Technologies CompSysTech’15. June 25a26, 2015, Dublin City University, Ireland.

CESTNIK, Bojan, KERN, Alenka, MODRIJAN, Helena. Semi-automatic ontology construction for improving comprehension of legal documents. Lect. notes comput. sci., 2008, lNCS 5184, str. 328a339. [COBISS.SIaID 23096103]

CESTNIK, Bojan, PETRIČ, Ingrid, URBANČIČ, Tanja, MACEDONI LUKŠIČ, Marta. Structuring domain knowledge by semiaautomatic ontology construction. Organizacija (Kranj), 2007, letn. 40, št. 6, str. 233a238. [COBISS.SIaID 824571]

PUR, Aleksander, BOHANEC, Marko, LAVRAČ, Nada, CESTNIK, Bojan. Primary healthacare network monitoring : a hierarchical resource allocation modeling approach. Int. j. health plann. manage., 2010, vol. 25, no. 2, str. 119a135. [COBISS.SIaID 23721255]

PETRIČ, Ingrid, CESTNIK, Bojan, LAVRAČ, Nada, URBANČIČ, Tanja. Outlier detection in cross-context link discovery for creative literature mining. Comput. j., 2012, vol. 55, no. 1, str. 47a61, doi: 10.1093/comjnl/bxq074. [COBISS.SIaID 1621243]

MACEDONI-LUKŠIČ, Marta, PETRIČ, Ingrid, CESTNIK, Bojan, URBANČIČ, Tanja. Developing a deeper understanding of autism : connecting knowledge through literature mining. autism res. treat., 2011, vol. 2011, 8 str. [COBISS.SIaID 1916411]

PETRIČ, Ingrid, URBANČIČ, Tanja, CESTNIK, Bojan, MACEDONIaLUKŠIČ, Marta. Literature mining method RaJoLink for uncovering relations between biomedical concepts. Journal of biomedical informatics, apr. 2009, vol. 42, no. 2, str. 219a227. [COBISS.SIaID 929787]

LAVRAČ, Nada, CESTNIK, Bojan, GAMBERGER, Dragan, FLACH, Peter A. Decision support through subgroup discovery : three case studies and the lessons learned. Mach. learn.. [Print ed.], 2004, vol. 57, str. 115a143. [COBISS.SIaID 18515239]