CODE: 80156
ACADEMIC YEAR: 2016/2017
CREDITS: 9 CFU, year 1, INGEGNERIA INFORMATICA 8733 (LM-32) -
SCIENTIFIC DISCIPLINARY SECTOR: ING-INF/05
LANGUAGE: Italian
TEACHING LOCATION:
SEMESTER: 1st Semester

AIMS AND CONTENT

SYLLABUS/CONTENT
Security requirements, security mechanisms, and attacks.
Fundamentals of cryptography: classical cryptographic techniques; symmetric ciphers (block ciphers, DES); hash functions; public key cryptography (RSA, Diffie-Hellman, PKI).
Applications: confidentiality, authentication, non-repudiation (digital signature).
Security protocols: design and analysis of vulnerabilities (Needham-Schroeder Public Key authentication protocol, Otway-Rees, Andrew Secure RPC protocol, Denning and Sacco key exchange protocol; introduction to Kerberos and IPSec).
Web security: cross-site scripting, SQL injection, cookie poisoning, buffer overflow.
Access control: discretionary and mandatory access control; access control matrix model; role-based access control.

RECOMMENDED READING/BIBLIOGRAPHY
Teaching material (slides and exercises) is available on AulaWeb.
Charles P. Pfleeger and Shari Lawrence Pfleeger. Security in Computing, 4/E. ISBN-10: 0132390779, ISBN-13: 9780132390774, Prentice Hall Editor, 2007. (Also available in Italian)
William Stallings and Lawrie Brown. Computer Security: Principles and Practice, 2/E. ISBN-10: 0132775069, ISBN-13: 9780132775069, Prentice Hall Editor, 2012.

TEACHERS AND EXAM BOARD
ALESSANDRO ARMANDO
Office hours: Tuesday, 2:00pm - 5:00pm

Exam Board
ALESSANDRO ARMANDO (President)
GABRIELE COSTA
MARCO MARATEA
DANILO MASSA
ALESSIO MERLO
GIANLUCA PAPALEO
ARMANDO TACCHELLA

EXAMS

EXAM DESCRIPTION
Written + Practical

ASSESSMENT METHODS
At the end of the course, students will be able to assess the security issues associated with software applications and will be able to identify the security techniques necessary to meet the security requirements.

Exam schedule
Date        Time   Location  Degree type  Notes
22/06/2017  14:00  GENOVA    Written
20/07/2017  14:00  GENOVA    Written
04/09/2017  14:00  GENOVA    Written