ITB8811 Foundations of Information Security Risk Analysis

Allikas: Kursused
Mine navigeerimisribale Mine otsikasti

Course information

Code: ITB8811 Foundations of Information Security Risk Analysis

ECTS: 6

Assessment form: examination

Instructor: Aleksandr Lenin, email: aleksandr dot lenin at taltech dot ee

Schedule

Tue 10:00 - 11:30 SCI-028 Lecture

Tue 11:45 - 12:15 SCI-028 Practice

Announcements

Examination dates:

  • 12/17/2019 SCI-028 10:00
  • 1/7/2020 SCI-028 10:00
  • 1/14/2020 SCI-028 10:00

Lectures

  1. Introduction
  2. Security Risk
  3. Financial Risk
  4. Qualitative Risk Assessment
  5. Factor Analysis of Information Risk (FAIR)
  6. Risk Management
  7. Reliability and Availability and some tasks to practice
  8. Foundations of Attack Trees
  9. Attack Tree Survey
  10. Quantitative Questions on Attack-Defense Trees
  11. Rational Choice Of Security Measures via Multi-Parameter Attack Trees
  12. Efficient Semantics of Parallel and Serial Models of Attack Trees
  13. Topics to prepare for the test

Assignments

  1. Think of an enterprise, a process, a system, or a product and perform qualitative risk analysis using the FAIR framework by filling in the following FAIR Template
  2. Perform cost analysis of human originated threats in your case studies. Use the tool ADTool for modeling, export attack trees in XML format and submit.