| Basic data | |||
|---|---|---|---|
| Introduction to Information Security |
Civil Law - 9. semester Commercial Law - 9. semester Constitutional-Administrative - 9. semester Criminal Law - 9. semester International Law - 9. semester The European Union Law - 9. semester |
4.0 | 127646 |
| Lecturer in charge | Consultations | Location |
|---|---|---|
| prof. dr. sc. Dražen Dragičević | Sabbatical |
Trg Republike Hrvatske 14, room 52 |
| Lecturer | Consultations | Location |
|---|---|---|
| izv. prof. dr. sc. Nina Gumzej (Lectures) | Fridays at 8 am |
Ćirilometodska 4, room 55/II |
| doc. dr. sc. Marko Jurić (Lectures) | Tuesdays, 9-10am, Dean's Office (TRH 14, first floor) |
Ćirilometodska 4, room 55 |
| doc. dr. sc. Tihomir Katulić (Lectures) | Gundulićeva 10, room br. 7 | |
| izv. prof. dr. sc. Hrvoje Lisičar (Lectures) | Gundulićeva 10, room Gundulićeva 10, soba Gundulićeva 10, soba 7 |
| Literature |
|---|
| Whitman, Michael E., Mattord, Herbert J; Principles of Information Security; Cengage Learning (2012) |
| Kouns, B., Kouns J; The Chief Information Security Officer; IT Governance Publishing (2011) |
| Serge Gutwirth, Yves Poullet, Paul de Hert; Data Protection in a Profiled World; Springer Science + Business Media (2010) |
| David I. Bainbridge; Introduction to Information Technology Law; Pearson Education (2007) |
| Direktiva 2013/40/EU Europskog Parlamenta i Vijeća od 12. kolovoza 2013. o napadima na informacijske sustave i o zamjeni Okvirne odluke Vijeća 2005/222/PUP; |
| Zakon o elektroničkim komunikacijama (NN 73/08, 90/11); |
| Zakon o zaštiti osobnih podataka (NN 103/03, 118/06, 41/08, 130/11); |
| Kazneni zakon, glava XXV (NN 125/11, 144/12); |
| Zakon o elektroničkoj trgovini (NN 173/03, 67/08, 36/09, 130/11); |
| Zakon o informacijskoj sigurnosti (NN 79/07); |
| Zakon o tajnosti podataka (NN 79/07, 86/12); |
| Description |
|---|
|
Definition of information security. Aspects of information security. Information security in the digital domain. - 2 hrs Information security in Croatian law. Confidentiality, integrity and availability of information systems and data. - 2 hrs Key concepts of information systems and access control. Cryptography and information systems. Biometrics. - 2 hr Vulnerabilities of information systems. Threats and attacks on information systems. - 2 hrs Security policy. Technological and organization aspects of managing access rights. Operating system and application protection from unauthorized access. - 2 hours Information Security Law - 4 hrs Data Confidentiality Law - 4 hrs Personal data protection Law - 2 hrs Institutional and regulatory framework of information security in the Republic of Croatia - 2 hrs Self-regulation. Information security standards overview. BS7799 standard. PCI DSS standards. - 4 hrs ISO 27000 family of information security standards. Basic tenets and concepts. - 2 hrs State information infrastructure - institutions and legal framework - 2 hrs |
| Exam dates |
|---|
|
20. 04. 2020.
01. 06. 2020.
15. 06. 2020.
29. 06. 2020.
31. 08. 2020.
14. 09. 2020.
|
| Detailed data |
|---|
| Cognitive Skills:
Knowledge and understanding After successfully completing the course, students will be able to: - define information security, - indicate methods and approaches to protection of information systems and data, - explain security risks in the environment of information technology, - explain institutional and regulatory framework of information security, - indicate legal solutions from domestic and comparative legislation.
Application After successfully completing the course, students will be able to: - apply legal regulations about information security, - use acquired knowledge in order to provide a better interpretation of the data protection, - conduct research about efficiency of protection of information security and application of legislative self-regulatory standards, - use acquired knowledge to ensure a high level of security of business information systems
Analysis After successfully completing the course, students will be able to: - connect the influence of high technologies on information security, - indicate vulnerabilities of information systems - examine procedures within business environment which can lead to vulnerability - indicate standards of information security - analyse legislative framework of information security - analyse self-regulatory and institutional framework of information security
Synthesis After successfully completing the course, students will be able to: - propose legislative solutions for the purpose of better regulation - pšpropose application of individual methods to realise a higher level of security - formulate security policy - propose changes in the existing institutional framework
Evaluation After successfully completing the course, students will be able to: - examine procedures and manner of regulation of information security - compare legal regulation of information security in the Republic of Croatia, EU and other legal orders - compare the institutional framework Practical and Generic Skills:After successfully completing the course, students will be able to: - publicly present learning outcomes - express themselves in a clear, well structured text explaining their standpoints, - develop communication skills. - develop presentation skills - develop the ability of data analysis - develop the ability of finding and selecting relevant data - develop the ability of team work Matching Assessments to Learning Outcomes:Oral examination will be used for testing learning ouitcomes. Oral examination comprises testing of theoretical knowledge from the area of legal regulation of information security, knowledge about legal regulation and regulatory framework, understanding the work of institutions and bodies with regard to protection of information security, knowledge about the most important results of self-regulation, industrial standards of information security, the ostructure of state information infrastructure, the development, implementation and assessment of the information security policy. |
Copyright 2018 - Pravni fakultet, Sveučilište u Zagrebu, sva prava pridržana.