37689 - Sicurezza Informatica 1 (Computer Security 1)
Scientific Area
ING-INF/05
Credits
5
Objectives
The course provides an introduction to the principles, methods, and fundamental applications of computer security.
Topics
- Security requirements, security mechanisms, and attacks.
- Fundamentals of cryptography: classical cryptographic techniques;
symmetric ciphers (block ciphers, DES); hash functions; public key
cryptography (RSA, Diffie-Hellman, PKI);
- Applications: confidentiality, authentication, non-repudiation
(digital signature);
- Security protocols: design and analysis of vulnerabilities
(Needham-Schroeder Public Key authentication protocol, Otway-Rees,
Andrew Secure RPC protocol, Denning and Sacco key exchange protocol;
introduction to Kerberos and IPSec);
- Web security: cross-site scripting, SQL injection, cookie
poisoning, buffer overflow;
- Access Control: discretionary and mandatory access control;
access control matrices model; role-based access control.
Skills Acquired
At the end of the course, students will be able to assess the security
issues associated with software applications and will be able to
identify the security techniques necessary to meet the security
requirements.
Teaching activities
- Lectures: 50 hours
- Practicals: 30 hours
Examination
Oral or written examination on both theoretical and practical topics
covered during the course.
Prerequisites
Fondamenti di Informatica 1, Reti di Calcolatori 1
References
- Teaching material (slides and exercises) is available on AulaWeb.
- William Stallings. Cryptography and Network Security (Principles
and Practice, 4th ed.), Pearson - Prentice Hall, 2006.