Sciences
Subject: SICUREZZA INFORMATICA (A.A. 2022/2023)
master degree course in COMPUTER SCIENCE
| Course year | 1 |
|---|---|
| CFU | 9 |
| Teaching units |
Unit Sicurezza informatica
Information Technology (lesson)
|
| Moodle portal |
Lezioni in streaming e registrate saranno disponibili a questo URL. Si ricorda che le registrazioni sono fornite in modalità "best effort": non aspettatevi inquadrature professionali e audio cristallino. Non si garantisce che tutte le lezioni vengano registrate. |
| Exam type | oral |
| Evaluation | final vote |
| Teaching language | Italiano |
Teachers
Overview
This class provides students with main concepts about IT security. In particular, it covers cryptography, security protocols, digital signature and authentication systems, network and system monitoring.
Attack techniques and protection methodologies and tools are considered in depth, while other topics, such as privacy issues, anonimity and information hiding, are outlined.
Admission requirements
Operating systems, Network protocols, Internet-based services
Course contents
Part I - Attacks
- Security communication protocols
- Wireless protocols vulnerabilities
- Operating systems and network applications vulnerabilities
Part II - Defense
- Risk maangement and security governance
- Private/Public Key systems, digital signature, certification authority
- Secure protocols: IPsec, SSL, HTTPS, S/MIME, SSH, PGP
Part III - Design of secure architectures
- Firewall
- Intrusion Detection System
- VLAN, NAT, Virtual Private Network, Intranet e Extranet, DMZ.
Part IV - Note on laws and policies
Information security policy
Privacy
Laws concerning cybercrime
Teaching methods
Classes carried out with the support of slides and training exercises in lab where each student is provided with his own PC.
Assessment methods
The examination consists of two parts typically scheduled in adjacent days. It aims to test knowledge and practical ability of all the educational objectives described above. - The first part is a computer test where the student can demonstrate his/her ability to solve a practical security problem similar to excercise tests done in lab classes. - Students who pass the lab test are admitted to the oral examination where they have to demonstrate knowledge about theoretical and practical problems discussed in class.
Learning outcomes
- To know the main methods of attack.
- To know the main methods and tools of defense of digital information.
- To know the main methods and tools of defense of networked systems.
- To know how to apply the methods and tools of defense in real contexts.
Readings
"Network Security Essentials", William Stallings, Pearson, 6th edition [ISBN: 0133370437]
"Practical Unix and Internet security", S. Garfinkel, G. Spafford, O'Reilly Media, 3rd edition [ISBN: 978-0-596-00323-4, ISBN 10: 0-596-00323-4]