Erinevus lehekülje "ITB8811 Foundations of Information Security Risk Analysis" redaktsioonide vahel

Allikas: Kursused
Mine navigeerimisribale Mine otsikasti
 
(ei näidata sama kasutaja 26 vahepealset redaktsiooni)
16. rida: 16. rida:
  
 
== Announcements ==
 
== Announcements ==
 +
 +
 +
Examination dates:
 +
 +
* 12/17/2019 SCI-028 10:00
 +
* 1/7/2020  SCI-028 10:00
 +
* 1/14/2020  SCI-028 10:00
  
 
== Lectures ==
 
== Lectures ==
24. rida: 31. rida:
 
# [[Media:ITB8811-2019-QualitativeRiskAssessment.pdf|Qualitative Risk Assessment]]
 
# [[Media:ITB8811-2019-QualitativeRiskAssessment.pdf|Qualitative Risk Assessment]]
 
# [[Media:Risk-Taxonomy-FAIR.pdf|Factor Analysis of Information Risk (FAIR)]]
 
# [[Media:Risk-Taxonomy-FAIR.pdf|Factor Analysis of Information Risk (FAIR)]]
 +
# [[Media:ITI8610-Riskmanagement.pdf|Risk Management]]
 +
# [[Media:ITI8610-2019-Reliability.pdf|Reliability and Availability]] and some [[Media:ITB8811-2019-Reliability-Availability-Tasks.pdf|tasks]] to practice
 +
# [https://www.researchgate.net/publication/225151465_Foundations_of_Attack_Trees Foundations of Attack Trees]
 +
# [http://people.rennes.inria.fr/Barbara.Kordy/papers/survey.pdf Attack Tree Survey]
 +
# [https://arxiv.org/pdf/1210.8092.pdf Quantitative Questions on Attack-Defense Trees]
 +
# [https://research.cyber.ee/~peeter/research/attacks11.pdf Rational Choice Of Security Measures via Multi-Parameter Attack Trees]
 +
# [https://digi.lib.ttu.ee/i/?496 Efficient Semantics of Parallel and Serial Models of Attack Trees]
 +
# [[Media:ITB8811-2019-Recap.pdf|Topics to prepare for the test]]
 +
 +
== Assignments ==
 +
# Think of an enterprise, a process, a system, or a product and perform qualitative risk analysis using the FAIR framework by filling in the following [[Media:ITB8811-2019-FAIR_Template.zip|FAIR Template]]
 +
# Perform cost analysis of human originated threats in your case studies. Use the tool [https://satoss.uni.lu/members/piotr/adtool/ ADTool] for modeling, export attack trees in XML format and submit.

Viimane redaktsioon: 9. jaanuar 2020, kell 07:24

Course information

Code: ITB8811 Foundations of Information Security Risk Analysis

ECTS: 6

Assessment form: examination

Instructor: Aleksandr Lenin, email: aleksandr dot lenin at taltech dot ee

Schedule

Tue 10:00 - 11:30 SCI-028 Lecture

Tue 11:45 - 12:15 SCI-028 Practice

Announcements

Examination dates:

  • 12/17/2019 SCI-028 10:00
  • 1/7/2020 SCI-028 10:00
  • 1/14/2020 SCI-028 10:00

Lectures

  1. Introduction
  2. Security Risk
  3. Financial Risk
  4. Qualitative Risk Assessment
  5. Factor Analysis of Information Risk (FAIR)
  6. Risk Management
  7. Reliability and Availability and some tasks to practice
  8. Foundations of Attack Trees
  9. Attack Tree Survey
  10. Quantitative Questions on Attack-Defense Trees
  11. Rational Choice Of Security Measures via Multi-Parameter Attack Trees
  12. Efficient Semantics of Parallel and Serial Models of Attack Trees
  13. Topics to prepare for the test

Assignments

  1. Think of an enterprise, a process, a system, or a product and perform qualitative risk analysis using the FAIR framework by filling in the following FAIR Template
  2. Perform cost analysis of human originated threats in your case studies. Use the tool ADTool for modeling, export attack trees in XML format and submit.