Erinevus lehekülje "ITB8811 Foundations of Information Security Risk Analysis" redaktsioonide vahel

Allikas: Kursused
Mine navigeerimisribale Mine otsikasti
 
(ei näidata sama kasutaja 9 vahepealset redaktsiooni)
18. rida: 18. rida:
  
  
* Examination dates:
+
Examination dates:
  
# Dec 17th 2019 10AM SCI-028
+
* 12/17/2019 SCI-028 10:00
# TBA (January 2020)
+
* 1/7/2020   SCI-028 10:00
# TBA (January 2020)
+
* 1/14/2020 SCI-028 10:00
 
 
* Consultation times:
 
 
 
# Dec 10th 2019 10AM SCI-028
 
# TBA (January 2020)
 
# TBA (January 2020)
 
  
 
== Lectures ==
 
== Lectures ==
42. rida: 36. rida:
 
# [http://people.rennes.inria.fr/Barbara.Kordy/papers/survey.pdf Attack Tree Survey]
 
# [http://people.rennes.inria.fr/Barbara.Kordy/papers/survey.pdf Attack Tree Survey]
 
# [https://arxiv.org/pdf/1210.8092.pdf Quantitative Questions on Attack-Defense Trees]
 
# [https://arxiv.org/pdf/1210.8092.pdf Quantitative Questions on Attack-Defense Trees]
 +
# [https://research.cyber.ee/~peeter/research/attacks11.pdf Rational Choice Of Security Measures via Multi-Parameter Attack Trees]
 +
# [https://digi.lib.ttu.ee/i/?496 Efficient Semantics of Parallel and Serial Models of Attack Trees]
 +
# [[Media:ITB8811-2019-Recap.pdf|Topics to prepare for the test]]
  
 
== Assignments ==
 
== Assignments ==
 
# Think of an enterprise, a process, a system, or a product and perform qualitative risk analysis using the FAIR framework by filling in the following [[Media:ITB8811-2019-FAIR_Template.zip|FAIR Template]]
 
# Think of an enterprise, a process, a system, or a product and perform qualitative risk analysis using the FAIR framework by filling in the following [[Media:ITB8811-2019-FAIR_Template.zip|FAIR Template]]
 +
# Perform cost analysis of human originated threats in your case studies. Use the tool [https://satoss.uni.lu/members/piotr/adtool/ ADTool] for modeling, export attack trees in XML format and submit.

Viimane redaktsioon: 9. jaanuar 2020, kell 07:24

Course information

Code: ITB8811 Foundations of Information Security Risk Analysis

ECTS: 6

Assessment form: examination

Instructor: Aleksandr Lenin, email: aleksandr dot lenin at taltech dot ee

Schedule

Tue 10:00 - 11:30 SCI-028 Lecture

Tue 11:45 - 12:15 SCI-028 Practice

Announcements

Examination dates:

  • 12/17/2019 SCI-028 10:00
  • 1/7/2020 SCI-028 10:00
  • 1/14/2020 SCI-028 10:00

Lectures

  1. Introduction
  2. Security Risk
  3. Financial Risk
  4. Qualitative Risk Assessment
  5. Factor Analysis of Information Risk (FAIR)
  6. Risk Management
  7. Reliability and Availability and some tasks to practice
  8. Foundations of Attack Trees
  9. Attack Tree Survey
  10. Quantitative Questions on Attack-Defense Trees
  11. Rational Choice Of Security Measures via Multi-Parameter Attack Trees
  12. Efficient Semantics of Parallel and Serial Models of Attack Trees
  13. Topics to prepare for the test

Assignments

  1. Think of an enterprise, a process, a system, or a product and perform qualitative risk analysis using the FAIR framework by filling in the following FAIR Template
  2. Perform cost analysis of human originated threats in your case studies. Use the tool ADTool for modeling, export attack trees in XML format and submit.