CYBERSECURITY
SICUREZZA INFORMATICA
A.Y. | Credits |
---|---|
2020/2021 | 9 |
Lecturer | Office hours for students | |
---|---|---|
Alessandro Aldini | Wednesday 11-13 at the lecturer office |
Teaching in foreign languages |
---|
Course with optional materials in a foreign language
English
This course is entirely taught in Italian. Study materials can be provided in the foreign language and the final exam can be taken in the foreign language. |
Assigned to the Degree Course
Date | Time | Classroom / Location |
---|
Date | Time | Classroom / Location |
---|
Learning Objectives
The objective of this course is to introduce the theory of the modeling of secure cryptographic systems and protocols, on the basis of the current state of the art. Moreover, another goal is to train skills on cybersecurity aimed to identify potential threats of computer and information systems, as well as to protect the related security perimeter.
Program
01 Applied cryptography
01.01 Secret key cryptography
01.02 Stream ciphers
01.03 Block ciphers
01.04 Security against chosen plaintext attack
01.05 Message authentication code (MAC)
01.06 Keyed hash functions
01.07 Keyless hash functions
01.08 Authenticated encryption
01.09 Public key cryptography
01.10 Security against chosen ciphertext attack
01.11 Digital signatures
02 Cryptographic protocols
02.01 Identification protocols
02.02 Zero-knowledge proofs (ZKP)
02.03 Authenticated key exchange
02.04 Advanced authentication protocols
02.05 Formal verification of cryptographic protocols
03 Cybersecurity: attack and defense
03.01 Security perimeter
03.02 Kill chain: penetration testing and attack models
03.03 Kill chain: risk management and defense models
03.04 Security of the new technologies
Bridging Courses
There are no mandatory prerequisites.
Learning Achievements (Dublin Descriptors)
Knowledge and understanding: the student will be able to understand the theoretical notions behind the definition of cryptographic primitives and behind the construction of secure cryptographic protocols and systems, the solutions aimed at ensuring the main classes of security properties, the management issues for corporate security perimeters and the defense techniques against cyberattacks.
Applying knowledge and understanding: the student will be able to understand the main characteristics that make cryptographic protocols secure and corporate computer systems vulnerable to cyberattacks, with the aim of being able to apply such a knowledge for the modeling of secure systems with respect to the main security properties.
Making judgements: the student will be able to identify the main vulnerabilities of a corporate computer system and to verify the robustness of security perimeters, by specifying which defense tools are more adequate in this respect.
Communication skills: the student will be able to explain appropriately how and by which technologies it is possible to guarantee the security of corporate systems. The student will be also able to determine strengths and weaknesses of the main securing techniques.
Learning skills: the student will learn the capability of estimating the security properties of a cryptographic system and the main analysis techniques used for the verification of the security perimeter of corporate systems.
Teaching Material
The teaching material prepared by the lecturer in addition to recommended textbooks (such as for instance slides, lecture notes, exercises, bibliography) and communications from the lecturer specific to the course can be found inside the Moodle platform › blended.uniurb.it
Teaching, Attendance, Course Books and Assessment
- Teaching
Theory lectures and laboratory exercises, both face-to-face and on-line.
- Attendance
Although recommended, course attendance is not mandatory.
- Course books
Niels Ferguson, Bruce Schneier: Practical cryptography, J. Wiley Editor, 2003.
Cybersecurity: Attack and Defense Strategies, Yuri Diogenes and Erdal Ozkaya, Pack Pub., 2018.
- Assessment
The exam consists of an oral examination and of a project, which contribute to the same extent to the final score.
The oral examination is made out of three questions, one for each section of the course program. The aim of the oral examination is to verify communication skills and level of knowledge and understanding.
The project must be decided in agreement with the lecturer and involves three alternative modes: writing a paper on a depth analysis of a topic on which the student has to prepare a lecture, or else the formal analysis of a cryptographic protocol by using automated software verification tools, or else the deployment of a virtual network in which to conduct penetration testing and validation of defense models. The aim of the project is to verify learning skills and the ability of applying knowledge and understanding, as well as to verify making judgement abilities and communication skills.
- Disability and Specific Learning Disorders (SLD)
Students who have registered their disability certification or SLD certification with the Inclusion and Right to Study Office can request to use conceptual maps (for keywords) during exams.
To this end, it is necessary to send the maps, two weeks before the exam date, to the course instructor, who will verify their compliance with the university guidelines and may request modifications.
« back | Last update: 18/02/2021 |