PhD program
Information Security Systems

Information Security Systems

QUALIFICATION

  • Scientific and pedagogical direction - Doctor of Philosophy (PhD)

MODEL OF GRADUATING STUDENT

Upon completion of this program, PhD graduates are expected to be able to:
1.demonstrate a systematic understanding of information security techniques and tools;
2.justify the choice of decision-making methodology to ensure the protection of information;
3. demonstrate knowledge of patent search procedures, protection of intellectual property rights to scientific discoveries and developments;
4. analyze and evaluate, improve processes, develop specifications and design information security systems;
5. classify methods for ensuring and assessing security in information processing systems (operating systems and applications, networks, protocols);
6. to analyze the existing methods and means used for the control and protection of information, and to develop a proposal for their improvement and increase the effectiveness of this protection;
7. identify similarities and differences in methods and systems of protection, security assessment and measures taken to protect information, methodology for creating secure information systems;
8. develop software for innovative projects using the latest technological solutions;
9. evaluate the cryptographic strength of block ciphers, the synthesis of ciphers, encryption systems with public keys, key distribution protocols, identification, organization of confidential communication networks;
10. analyze, evaluate and synthesize new and complex ideas in the field of information security; formulate innovative scientific tasks in the field of design and development of information security systems;
11. to prepare on the basis of the results of the research publications that deserve coverage at the national and international levels, scientific and technical reports, reviews;
12. to substantiate the obtained scientific results in the field of information security in front of the wider scientific community, convincing opponents and observing the scientific ethics of the researcher.

Program passport

Speciality Name
Information Security Systems
Speciality Code
8D06301
Faculty
Information technology

disciplines

Academic writing
  • Number of credits - 2
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline: to help students avoid typical mistakes, both when creating written scientific texts, and when describing technical applications in the specialty "Information Security Systems". As a result of studying the discipline, the doctoral candidate will be able to: 1. To have a high level of logical and theoretical thinking, the ability to creatively use theoretical and technical applications of modern technologies in the field of information protection and the use of related information technologies to solve the practical problems of this specialty. 2. To possess the skills of conducting independent scientific research in the field of studying information security systems, using the basic tools for analyzing the security of operating systems and software, the ability to use the appropriate literature, electronic libraries and databases, necessary for an adequate and modern scientific review, as well as knowledge of methodologies their analytical description using a modern theoretical and methodological base. 3. To be able to create and analyze means of analysis and monitoring of information systems for vulnerabilities, stability and security, including stylistic features of the Kazakh and English languages. 4. To be able to conduct professional examination of scientific publications and software for information security, have the skills to edit and adjust scientific texts in this specialty, and software aimed at improving information security. 5. To possess the skills of organizing and managing projects in the field of scientific research and socio-pedagogical activities in the specialty of information security systems, as well as the formation of scientific and applied projects. The discipline "Academic writing" is focused on the development by students of knowledge about the structure, forms and contents of research work, on the formation of basic skills related to writing and analyzing a scientific text, taking into account the professional characteristics of the specialty "Information Security Systems".

Evaluation of Cryptographic Algorithms Strength
  • Number of credits - 5
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline the formation of doctoral students in-depth knowledge in the field of evalution of сryptographic algorithms strength. As a result of studying the discipline, the doctorate student will be able to: - master modern methods of evalution of сryptographic algorithms strength; - master modern methods of ensuring the confidentiality, integrity and authentication of data; - know the requirements for ciphers and the basic characteristics of ciphers and principles for constructing cryptographic algorithms; - apply known cryptanalysis methods for modern algorithms; - develop cryptographically secure cipher components; - explore the cryptographic properties of existing encryption algorithms; - assess the level of protection of information resources; implement the software implementation of modern methods of ciphers

Models and methods of information security assessment
  • Number of credits - 5
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - This course provides the overview of management processes and organizational controls required for data protection: Review of national, and other governmental and industry standards companies required to be compliant in safeguarding data. Analyze the depth and breadth of compliance management research, investigation of different approaches to data protection control and compliance. Critical security concepts that organizational executives need to understand. Vulnerabilities: sabotage, financial fraud, electronic attacks, blended attacks, and other malicious activity, Counter terrorism; Development policy to minimize attacks. Countermeasures: access controls and biometrics, and finally to develop a security plan to protect the organization. As a result of studying the discipline, the doctorate student will be able to: - To develop graduates with the ability to apply information security and audit knowledge, skills, techniques and tools to create best-possible solutions to practical problems of varying complexity, in a wide range of contexts - designation of the structure and principles of functioning of information security systems; - principles of operation of the main components and services of information security systems; - models and methods for modeling complex systems, principles for constructing models of processes for complex systems; - collect statistical data on the work of the information security system, - determine the main parameters of the system and on their basis draw conclusions about the effectiveness of its work;  - to carry out simulation and mathematical modeling the work of individual components of the information security system; - apply models and management methods in enterprises and organizations of various industries - to acquire knowledge of models and methods of management, types of classes; -to facilitate the acquisition, adoption and adaptation of information security best practices and audit knowledge, techniques and tools to improve organizations’ security and performance. - to equip students with specialized, advanced skills and capacity to enable them to pursue careers in research & development, academics, consultancy services and industry. In studying the discipline, the following topics will be considered: the concept of informational security, its in the system of national security Principles, tasks, functions and standards of information security in public administration. Organization legal support of work with open information in public management. Protection of the constitutional rights of citizens to preservation of personal confidentiality and confidentiality. personal data available in information systems of public authorities. personal management.structure and principles of information protection systems, principles of operation of the main components and services of information protection systems.

PhD thesis writing and defence
  • Number of credits - 12
  • Type of control - Докторская диссертация
  • Description - The main purpose of "PhD thesis writing and defence": of a doctoral dissertation is the formation of the doctoral students' ability to disclose the content of research work for the defense of the thesis. During the study of course, doctoral student's should be competent in: 1. to substantiate the content of new scientifically grounded theoretical and experimental results that allow to solve a theoretical or applied problem or are a major achievement in the development of specific scientific directions; 2. explain the assessment of the completeness of the solutions to the tasks assigned, according to the specifics of the professional sphere of activity; 3. they can analyze alternative solutions for solving research and practical problems and assess the prospects for implementing these options; 4. apply the skills of writing scientific texts and presenting them in the form of scientific publications and presentations. 5. to plan and structure the scientific search, clearly highlight the research problem, develop a plan / program and methods for its study, formalize, in accordance with the requirements of the State Educational Establishment, the scientific and qualification work in the form of a thesis for a scientific degree Doctor of Doctor of Philosophy (PhD) on specialty «8D07502 – Standardization and certification (by industry)». During the study of the discipline doctoral student will learn following aspects: Registration of documents for presentation of the thesis for defense. Information card of the dissertation and registration-registration card (in the format Visio 2003). Extract from the minutes of the meeting of the institution, in which the preliminary defense of the thesis took place. Cover letter to the Higher Attestation Commission. Expert conclusion on the possibility of publishing the author's abstract. Expert opinion on the possibility of publishing a dissertation. Minutes of the meeting of the counting commission. Bulletin for voting. A shorthand record of the meeting of the dissertational council. List of scientific papers. Response of the official opponent. A review of the leading organization. The recall of the scientific adviser.

Scientific Research methods
  • Number of credits - 3
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is the formation of doctoral students skills in the field of methodology of scientific knowledge. Competencies use standard algorithms and natural science methods. Own: information and technical mathematical apparatus and use modern tools for creating and processing information systems. use the knowledge of modern problems of information security systems and the specifics of the subject of information security systems in solving professional and educational problems. own a system of modern knowledge of information security systems. Know: technical, software and mathematical methods and algorithms of information security. use the already known research methods, as well as be able to carry out the modernization, development and generalization of these methods and possess: skills in mastering new methods of information security systems. use information technology, as well as new knowledge and skills in areas not related to the research of information security systems. Possess: the ability to independently acquire with the help of information technology and use in practice new knowledge and skills make reports and communications in the state and foreign languages and speak: state and foreign languages at a sufficient level that allows you to freely speak and understand practically apply the methods and technologies of modern technical and mathematical education possess the skills of testing, approbation and use of methods and technologies of technical and mathematical education in various educational institutions to manage the educational process using innovative technologies and own: the corresponding conceptual, informational and mathematical apparatus.This training course is an integrative part of the continuing education cycle and is aimed at the further development of research competencies acquired at the university, as well as the deepening of skills in the development of the methodological foundations of scientific knowledge and creativity in the field of information security; gaining knowledge in the field of creation, modeling and analysis of information systems in order to increase the level of security, as well as testing and modernization of the proposed information security systems; mastering the methodology of setting up adequate monitoring and audit of information security systems, as well as checking for vulnerabilities. To increase the level of knowledge of the urgent tasks of information security systems and the methods of teaching information security systems, their basic concepts related to information technologies in the field of pedagogical activity, taking into account the specifics of the specialty of education. The development of specifics in the state and foreign languages at a level that allows for professional communication, including modern methods and technologies for organizing and implementing the educational process at various educational levels in educational institutions, as well as general provisions and approaches to the organization of management in education

Data for 2021-2024 years

disciplines

Analysis of Cryptocurrency technologies security
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of discipline is the study of the fundamentals of cryptocurrency technologies and security analysis of Bitcoin-like systems. Will be studied: - mathematical foundations of blockchain technologies; - structure and technologies of cryptocurrency transactions; - Security analysis of bitcoin and darkcoin-like systems -development and analysis of protocols ensuring the anonymity of cryptocurrency transactions As a result of studying the discipline, the doctorate student will be able to: understand the fundamental laws of the functioning of cryptocurrency systems, analyze confidentiality and anonymity provisions in Bitcoin-like payment systems, integrate cryptocurrency systems ideas into their own research, analyze cryptocurrency transactions in order to identify forensic components. In studying the discipline, the following topics will be considered: Cryptographic hash functions Blockchain technology Bitcoin decentralization mechanism Bitcoin transaction basics Bitcoin mining Cryptocurrency payment system models Anonymity in cryptocurrency systems Bitcoin and Darkcoin-like systems Transaction Analysis, Case Studies

Cryptanalysis
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline «Cryptanalysis» is development of disciplinary competencies associated with the disclosure of the use of technology and the study of the basic principles and methods of analysis of cryptographic algorithms. Expected learning outcomes: - to manage and systematize the main provisions, the concepts related to the security of algorithms; - to compare ideas about the theoretical and applied aspects of the problems of using cryptographic algorithms; - to master and apply knowledge of the basic types of symmetric and asymmetric cryptographic algorithms; - know fast methods for decomposing numbers into prime factors; - know fast discrete logarithmization methods; - to generalize the theory of security when using cryptographic protocols; - interpret security threats and be able to eliminate them using cryptographic algorithms; - to classify the basic scientific disciplines adopted by axiomatics and terminology in cryptology and cryptanalysis; - be able to apply cryptanalysis methods when justifying security in the system; - to classify the main methods of analysis of cryptographic algorithms; - to interpret and combine various methods and means of cryptanalysis; - be able to present the work of cryptographic information transfer protocols; - the use of solutions when choosing methods of linear and differential cryptographic analysis; - mastering the methods for evaluating the cryptographic strength of algorithms.

Cryptographic Generators of Pseudo-Random Sequences, the Assessment of Their Quality
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to provide objective knowledge of the fundamental principles of information protection using cryptographic methods and examples of how these methods are put into practice. As a result of studying the discipline, the doctorate student will be able to: • have an idea of ​​the main directions and prospects for the development of methods and means of information protection; • establish the authenticity of transmitted messages, storage of information (documents, databases), embedding of hidden proprietary information; • use cryptographic protocols; • solve and investigate systems of comparisons with unknowns. During the study of the discipline students will learn following aspects: Evaluation of the reliability of cryptoalgorithms. Requirements for generators PSP. Combining linear congruential generators. Two-stage stochastic generators of multi-bit bandwidth. Selection of tests D. Knut.

Cryptographic Key Management Systems
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline the presentation of the basic principles of construction and mathematical justification of key management. As a result of studying the discipline, the doctorate student will be able to: • know the theoretical and applied aspects of the key generation mechanism using symmetric cryptographic methods; • master the principles of building conceptual key distribution models; • explore the characteristics of key management services; • know the requirements for key management systems; • assess the level of protection of information resources. During the study of the discipline students will learn following aspects: The inclusion of users in the system. Development, distribution and introduction to key hardware. Key usage control. Change and destroy keys. Archiving, storage and recovery of keys.

Cryptographic Techniques Based on Modular Arithmetic
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline of the discipline is the study of the mathematical foundations of cryptography and the methods and algorithms of cryptographic information protection systems developed on the basis of non-positional polynomial number systems (NPSS) and models of their software implementation. As a result of studying the discipline, the doctorate student will be able to: • know the basic concepts of modular arithmetic (the theory of comparisons) of integers; - know the basic concepts of abstract algebra, theorems and algorithms for finite groups; - use cryptographic protocols; - solve and investigate systems of comparisons with unknowns; - choose the cryptosystem required by practical circumstances; - carry out programming of the algorithms used. During the study of the discipline students will learn following aspects: The emergence and development of nonpositional number systems. Fields of application of nonpositional number systems. The role of modular arithmetic in cryptography. Comparisons of integers by this module. The group of reversible elements of the ring Zn. The problem of factorization of integers and polynomials. Some partial factorization algorithms.

Development of information security tools
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline to encourage students to learn about information security problems, to familiarize the organizational component of the information protection system. As a result of studying the discipline, the doctorate student will be able to: -be able to use information law in the theory of state and law; - know the principles of certification, standardization, accreditation in the information sphere; - licensing of activities in the field of information protection; - criteria for evaluating the effectiveness and reliability of legal liability for violation of information protection standards; - to analyze the principles of organization and structure of the subsystems for the protection of technical channels of information leakage. - use authentication tools in operating systems; - plan database security policy. In studying the discipline, the following topics will be considered: - legal support of information security; - organizational support of information security; - functions of the organizational component of the information protection system; - authentication in operating systems; - access control to protected objects; - security of database systems; - levels of information infrastructure of the corporate network; - technical channels of information leakage; - certification of information objects for information security requirements.

Machine Learning Algotithms for Information Assurance
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline formation of a complex of professional knowledge and skills of students in the field of creating machine learning systems; skills of creating and conducting research on data mining methods for solving problems in the field of information security. As a result of studying the discipline, the doctorate student will be able to: - know the basics of data processing, the basic algorithms of machine learning without a teacher, - design machine learning systems; - create computer programs and their modules based on machine learning systems; - have the skills to choose algorithms for solving the problem; - be able to design machine learning systems for a given set of source data; - to conduct research on intellectual methods of countering threats to information security breaches; - analyze the development of intellectual methods of information protection. In studying the discipline, the following topics will be considered: Basic concepts of machine learning methods. Training with a teacher and without. Mathematical basics of working with matrices and vectors. Linear models. Simple linear regression. Hierarchical cluster analysis and the number of shared clusters. Separability of data and regularization of methods. Theory and methodology of information security and information security. Methods, models and means of identifying, identifying and classifying threats to information security breaches of objects of various types and classes. Models and methods of information security management.

Programming of security systems
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to form the ability to provide security measures for software of computer systems for various purposes. As a result of studying the discipline, the doctorate student will be able to: - know the main provisions, concepts and categories related to software security; - to consider the theoretical and applied aspects of the problem of ensuring the security of software for computer systems for various purposes; - know why and from whom it is necessary to protect the software of computer systems; - to study the threats to software security and examples of their implementation in the modern computer world; - know the life cycle of computer systems software. Technological and operational safety of programs; - study all threat models and software security principles; - to ensure the technological security of the software. - master the methods of ensuring the reliability of programs to control their technological safety; - create an algorithm of safe procedures; - know the methods and means of protecting programs from computer viruses. - to study the methods of software protection at the stage of its operation and maintenance; - use the means to ensure the integrity and reliability of the program code In studying the discipline, the following topics will be considered: theoretical and applied aspects of the problem of ensuring the security of software for various computer systems, threats to software security and examples of their implementation in the modern computer world, the life cycle of computer systems software, positions, concepts and categories, the algorithm of safe procedures.

Testing safety systems
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to test various programmed security systems. As a result of studying the discipline, the doctorate student will be able to: - know the basic tasks and concepts of cryptography; - use cipher requirements and basic characteristics cipher; - to study standards, models and encryption methods; - to study the principles of the construction of cryptographic algorithms, cryptographic standards and their use in information systems; - know the methods of cryptanalysis; - apply well-known cryptanalysis methods for modern algorithms; - apply mathematical methods in solving problems; - choose methods and means, conduct a comparative analysis; - assess the level of protection of information resources; - master the methods of building a mathematical model of professional tasks and meaningful interpretation of the obtained results In studying the discipline, the following topics will be considered: basic tasks and concepts of cryptography, requirements for ciphers and basic characteristics of ciphers, standards, models and encryption methods, mathematical methods for solving problems, methods and tools, comparative analysis, level of protection of information resources, methods for constructing a mathematical model of professional tasks and meaningful interpretation of the results .

Theory, methods and tools of cryptography
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline - the formation of students' professional competencies associated with a holistic view of modern problems of ensuring information security, mastering the basic methods and means of cryptographic protection of information. As a result of studying the discipline, the doctorate student will be able to: • Describe how various cryptography algorithms and protocols work. • Criticize other people's work based on rigorous principles. • Appraise the great work in this field, and articulate why the work is great. • Evaluate security mechanisms using rigorous approaches, including theoretical derivation, modeling, and simulations. • Formulate research problems in the computer security field. • Develop solutions to the formulated problems. • Clearly present ideas and research results. In studying the discipline, the following topics will be considered: Theoretical foundations of asymmetric cryptography. Euler and Fermat theorems. Generalized Euclidean algorithm. Algorithm of quick exponentiation. DiffHellman system. Arithmetic operations in simple fields and rings of integers, calculations manually and using a computer. Use library tools to search for random primes. Basic encryption and electronic signature algorithms. Cryptographic protocols and security analysis methods. Cryptographic evidence protocol with zero disclosure. Statistical tests for checking cryptographic ciphers. Statistical attack on block ciphers.

Data for 2021-2024 years

INTERNSHIPS

Pedagogical
  • Type of control - Защита практики
  • Description - Aim оf discipline: formation of the ability to carry out educational activities in universities, to design the educational process and conduct certain types of training sessions using innovative educational technologies.

Research
  • Type of control - Защита практики
  • Description - The purpose of the practice: gaining experience in the study of an actual scientific problem, expand the professional knowledge gained in the learning process, and developing practical skills for conducting independent scientific work. The practice is aimed at developing the skills of research, analysis and application of economic knowledge.

Data for 2021-2024 years