Course content
|
1. The General Data Protection Regulation (GDPR) and its implications for the information society.
2. New rights and protections for data subjects (declared in GDPR) and the resulting data administrator responsibilities. Data administrator responsibilities for privacy violations, potential sanctions for the institution.
3. ePrivacy regulation complementing GDPR and protection of metadata derived from mobile electronic communications (geolocation data, etc.).
4. Identification of personal data and special personal data, quasi-identifiers.
5. Personal data of users acquired by applications thanks to simultaneous sensors on mobile devices (geolocation, biometrics, etc.).
6. Digital time-space fingerprints of the mobile user and their minimization.
7. Current methods used to locate the user, their accuracy, advantages and disadvantages.
8. Identify fraudulent techniques and software (social engineering, phishing, malware).
9. Threats of personal data leakage and privacy erosion of mobile ICT users.
10. Correct handling of passwords and other sensitive information in web applications and databases.
11. Security and personal data protection by encryption, anonymization, and pseudonymization.
12. Data Protection Officer (DPO) role in ICT security.
13. Web applications security (PHP, SQL and JavaScript) against the most common vulnerabilities: Cross-Site Scripting (XSS), CSRF (Cross-Site Request Forgery), SQL injection, session hijacking, etc.
|
|
Learning activities and teaching methods
|
- Contact teaching
- 52 hours per semester
|
|
Learning outcomes
|
The aim of the course is to acquaint students with the rules and best practices in the area of cyber security and personal data protection, focused on mobile ICT. Knowledge of the subject will enable students to apply security principles when designing and implementing applications in compliance with EU regulations such as GDPR or ePrivacy required in practice.
By passing the course, students obtain knowledge of cyber security that supports the design and development of web applications protected against vulnerabilities.
|
|
Prerequisites
|
The prerequisite for this course is a basic orientation in mobile ICT.
|
|
Assessment methods and criteria
|
Oral examination, Written examination, Home assignment evaluation
In the practical work, the student will design and develop a web application (PHP, JavaScript, HTML, SQL) in which they will use the declared security techniques against the most frequent vulnerabilities.
|
|
Recommended literature
|
- HARWOOD, Mike. Internet Security: how to defend against attackers on the web. Burlington, MA: Jones & Bartlett Learning, 2016. ISBN 978-1-284-09055-0.
- KOLOUCH, Jan. CyberCrime. Praha, 2016. ISBN 978-80-88168-15-7.