Syllabus
- standards, standardization organization, legal regulation of national technical standardization, Act No. 22/1997 Coll., ČIA - accreditation
- overview of product safety standards: TCSEC, ITSEC, (marginal: CTCPEC, FC), Common Criteria - very detailed, ISO 15408, FIPS 140-X
- risk analysis, information security management in the organization IS0 27001, ISO27k system, GDPR, KII, practice
- current events in the field of safety standardization and requirements of national legislation
- new European certification scheme (EU, ENISA, use of CC and other standards), CAB, application to the requirements of laws under the responsibility of: NBU, NÚKIB, ÚOOÚ
Annotation
This course describes contents of basic norms and standards in cryptography. It focuses mainly on ISO norms and norms used in analysis of cryptographic modules and evaluation of information security.
Standards of basic cryptographic primitives (hash functions, asymmetric functions, symmetric functions) will also be discussed. Differences in methods (testing, evaluation, certification, acreditation) of these norms will be explained.