Institute of Information Science - University of Miskolc

User Tools

Site Tools

Trace:
tanszek:oktatas:computer_system_security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
tanszek:oktatas:computer_system_security [2023/05/29 07:45] – [Test Questions] superusertanszek:oktatas:computer_system_security [2025/03/19 13:51] (current) – [Handouts] ohornyak
Line 4: Line 4:
   * Data loss and corruption   * Data loss and corruption
   * User authentication methods, Passwords, encryption.   * User authentication methods, Passwords, encryption.
-  * Protection of privacy, destruction of data+  * Protection of privacy
   * Network security knowledge: protocols, devices, network attacks   * Network security knowledge: protocols, devices, network attacks
-  * Virtual private networks +  * Ethical hacking and forensics
-  * Ethical hacking+
   * Design and implement secure applications   * Design and implement secure applications
  
Line 19: Line 18:
 ^ Week #     ^ Lecture      ^ Labor          ^ ^ Week #     ^ Lecture      ^ Labor          ^
 | Week 1   | Basic concepts    | Labor usage, handouts requirements | | Week 1   | Basic concepts    | Labor usage, handouts requirements |
-| Week 2   | Security design principles| Design the security of Neptun system+| Week 2   | Security design principles| Functional and architectural design of coding task 1. 
-| Week 3   | Introduction to Kali Linux   | Basic commands        | +| Week 3   | Security design walkthrough| Functional and architectural design of coding task 2.| 
-| Week   | Working with Kali Linux    | Introduction to Python+| Week 4   | Introduction to Kali Linux   | Basic commands        | 
-| Week   | Python security tools| Writing Python code        | +| Week   | Working with Kali Linux    | Coding - safe logon and user management 
-| Week   | Bank Holiday| Bank Holiday| +| Week   | Python security tools| Coding  - safe document storage        | 
-| Week   | Malicious code| Virus and malwae checking tools| +| Week   | Bank Holiday| Bank Holiday| 
-| Week 8   Hashing function | Kali password storing functions|+| Week   | Malicious code| Virus and malwae checking tools| 
 +| Week 10  Cryptography | Kali password storing functions
 +| Week 11  | Security coding walkthrough | Coding task pre-evaluation | 
 +| Week 12  | Test | coding task pre-evaluation | 
 +| Week 13  | Presentations of coding assignments| Presentations of coding assignments | 
 +| Week 13  | Evaluation| Presentations of coding assignments|
  
  
Line 49: Line 53:
  
  
 +
 +===== Task =====
 +
 +**Objective:**
 +The objective of this task is to design, implement, and analyze a secure file storage system. The system should ensure the confidentiality, integrity, and availability of stored files. Additionally, students are required to explore and implement encryption techniques, access controls, and other security measures to protect sensitive data
 +
 +1. System Design: 
 +Define the requirements and functionalities of the secure file storage system.
 +Design the architecture, specifying components such as servers, databases, and client interfaces.
 +Clearly outline the security objectives (confidentiality, integrity, availability).
 +Encryption Implementation:
 +
 +2. Algorithms:
 +Choose a suitable encryption algorithm(s) for securing stored files.
 +Implement encryption and decryption mechanisms to protect the confidentiality of files.
 +Discuss the key management strategy to securely handle encryption keys.
 +
 +3. Access Control and Authentication:
 +Implement access controls to restrict file access based on user roles and permissions.
 +Integrate a robust authentication mechanism to verify the identity of users.
 +Consider multi-factor authentication for enhanced security.
 +
 +4. Audit Trail and Logging:
 +Implement logging mechanisms to record user activities and file access.
 +Create an audit trail for monitoring and analysis of security incidents.
 +Discuss how the audit trail can be used for forensic purposes.
 +
 +5.Data Integrity and Redundancy:
 +Implement mechanisms to ensure the integrity of stored files.
 +Explore techniques for redundancy and data backup to ensure availability.
 +Discuss the recovery plan in case of data loss or system failure.
 +
 +6. User Interface and User Experience:
 +Develop a user-friendly interface for uploading, downloading, and managing files securely.
 +Ensure that the user interface promotes security best practices and guides users on secure behavior.
 +
 +7.Security Analysis:
 +Conduct a thorough security analysis of the implemented system.
 +Perform penetration testing to identify vulnerabilities and propose mitigation strategies.
 +Provide a detailed report on the overall security posture of the system.
 +
 +
 +8. Documentation and Presentation:
 +Document the entire design and implementation process.
 +Prepare a presentation highlighting key features, security measures, and the rationale behind design choices.
 +
 +**Evaluation Criteria:**
 +
 +__Functionality (30%)__:
 +Successful implementation of encryption, access controls, and authentication.
 +File upload/download functionality.
 +Proper error handling and user feedback.
 +
 +__Security Measures (30%):__
 +Effectiveness of encryption techniques.
 +Robustness of access controls and authentication.
 +Quality of logging and audit trail.
 +
 +__User Interface (15%)__:
 +User-friendly design.
 +Clarity in guiding users on secure practices.
 +
 +__Security Analysis (15%):__
 +Thoroughness of security analysis.
 +Effectiveness of mitigation strategies.
 +
 +__Documentation and Presentation (10%):__
 +Clarity and completeness of documentation.
 +Quality of the presentation and ability to articulate key points.
  
 ===== Handouts ===== ===== Handouts =====
-  - {{tanszek:oktatas:w1_software_system_security.pdf|Week 1}} +  - {{tanszek:oktatas:software_system_security_2025_01_22.pdf | Software System Security}} 
-  - {{tanszek:oktatas:w2_software_system_security.pdf|Week 2}} +  - {{tanszek:oktatas:w1_software_system_security.pdf|Week 1-2}} 
-  - [[https://www.youtube.com/watch?v=lZAoFs75_cs|Week 3]] +  - {{tanszek:oktatas:w2_software_system_security.pdf|Week 3-4}} 
-  - [[https://www.youtube.com/watch?v=3Kq1MIfTWCE|Week 4]] +  - {{ :tanszek:oktatas:cybersecurity_threats_identification_en2.pptx | Week 5}} 
-  - {{tanszek:oktatas:pythontools.pdf|Week 5}} +  - [[https://www.youtube.com/watch?v=lZAoFs75_cs|Week 6]] 
-  - {{tanszek:oktatas:week6.pdf|Week 6}} +  - [[https://www.youtube.com/watch?v=3Kq1MIfTWCE|Week 7-8]] 
-  - {{tanszek:oktatas:week7.pdf|Week 7}}+  - {{tanszek:oktatas:pythontools.pdf|Week 9-10}} 
 +  - {{tanszek:oktatas:week6.pdf|Week 11-12}} 
 +  - {{tanszek:oktatas:week7.pdf|Week 13-14}}
  
 ===== Test Questions ===== ===== Test Questions =====
Line 78: Line 153:
   - Explain MD5 algorithm   - Explain MD5 algorithm
   - Explain Message Authentication Code   - Explain Message Authentication Code
 +  - What are Malicious software ? What Harm do they cause ? What are the prevention actions you recommend?
 +  - Explain network penetration testing
 +  - Define Fundamental Security Design Principles
tanszek/oktatas/computer_system_security.1685346332.txt.gz · Last modified: 2023/05/29 07:45 by superuser