Network security (2012/2013)

Course code
4S02798
Name of lecturer
Luca Vigano'
Coordinator
Luca Vigano'
Number of ECTS credits allocated
6
Academic sector
ING-INF/05 - INFORMATION PROCESSING SYSTEMS
Language of instruction
Italian
Location
VERONA
Period
I semestre dal Oct 1, 2012 al Jan 31, 2013.

Lesson timetable

I semestre
Day Time Type Place Note
Monday 8:30 AM - 11:30 AM lesson Lecture Hall B  
Wednesday 4:30 PM - 6:30 PM lesson Lecture Hall B  
Thursday 4:30 PM - 7:30 PM laboratorio Laboratory Alfa from Oct 12, 2012  to Jan 31, 2013

Learning outcomes

The objective of the course is to introduce the principal methodologies and technologies for the security of computer networks, of distributed information systems, and of service-oriented software architectures. The course thus provides the main theoretical and applied notions for the theoretical design, the practical realization and the formal analysis of protocols, networks, systems and architectures for information security.

Syllabus

- Introduction and basic notions:
-- Objectives, risks, attacks
-- Symmetric and asymmetric cryptography
-- Public-key infrastructures
-- Communication channels
-- Case studies (X.509, PGP)
- Security protocols:
-- Risk and attack models
-- Formal analysis techniques
-- Case studies (Kerberos, Transport Level Security TLS, Internet Key Exchange IKE, IP Security IPSec, Single Sign-On SSO)
- Privacy and anonymity:
-- Policies, problems and mechanisms (pseudonyms and proxies)
-- Case studies (Mix Networks, Crowds, Side-channel attacks)
- Intruders and firewalls
- Security of Web Services and service-oriented architectures
-- Case studies: Cross-site scripting, Cross-site Request Forgery, Injection attacks


The theoretical lectures will be integrated by a lab that will confront the students with problems related to different topics in information security and will thus allow them to carry out experiments and apply the concepts they have previously learned.

In order to be able to fully benefit from the course, it is advisable for the student to have attended a course on computer networks.

Assessment methods and criteria

The examination consists of a project and an oral examination.