Information updated until 30/06/2026 CODE 108931 ACADEMIC YEAR 2026/2027 CREDITS 6 cfu anno 2 INTERNET AND MULTIMEDIA ENGINEERING 11962 (LM-27) - GENOVA SCIENTIFIC DISCIPLINARY SECTOR ING-INF/03 LANGUAGE English TEACHING LOCATION GENOVA SEMESTER 1° Semester OVERVIEW This module introduces the fundamental concepts and techniques for securing modern communication networks and Internet services. The course covers the principles of cryptography, authentication, and secure communications, as well as the security mechanisms implemented at different layers of the TCP/IP protocol stack. Students will gain an understanding of the technologies used to protect information and network infrastructures against common security threats. AIMS AND CONTENT LEARNING OUTCOMES The module provides the fundamental knowledge required to understand the principles and mechanisms for securing telecommunication networks and Internet-based communication systems. Students acquire the essential concepts of cryptography, authentication, and network protection, together with the engineering principles needed to analyze security protocols and evaluate their application in modern communication infrastructures. AIMS AND LEARNING OUTCOMES The module aims to provide students with the fundamental concepts and engineering principles underlying network and information security. The course introduces cryptographic techniques, authentication mechanisms, and security protocols operating at different layers of the communication architecture, developing the analytical skills required to understand how confidentiality, integrity, authentication, and access control are achieved in modern communication systems. Upon successful completion of the module, students will be able to: • Explain the fundamental security objectives of communication systems, including confidentiality, integrity, authentication, and access control. • Describe the operating principles of symmetric and asymmetric cryptographic techniques and their application to network security. • Analyze the role of cryptographic hash functions, message authentication codes, and digital signatures in protecting information. • Explain the mechanisms used for key distribution and entity authentication in communication networks. • Assess the security functions provided by protocols operating at different layers of the TCP/IP architecture. • Analyze the operation of security technologies such as NAC, Wi-Fi security mechanisms, IPsec, TLS, secure e-mail systems, and secure DNS services. • Evaluate the effectiveness of different network protection mechanisms against common security threats. • Explain the role and operation of firewalls in securing communication infrastructures. • Discuss network security issues using appropriate technical terminology and engineering reasoning.. PREREQUISITES The student, to understand the course, needs to have followed and studied the module Internet Technologies: Architectures and Protocols (90147) or to know about the following arguments Basic concepts of data networking, Circuit and packet switching Functional architectures ISO OSI architecture TCP/IP architecture, Physical layer main characteristics (cables, optical fiber) Data layer essential characteristics Ethernet/IEEE 802.3 protocol Layer 2 bridging/switching WiFi IPv4 basic concepts, including routing algorithms and protocols. TCP/UDP basic knowledge. TEACHING METHODS The course is delivered through traditional face-to-face lectures. Lectures combine the presentation of theoretical concepts with discussions of practical examples in cryptographic techniques, authentication methods, key management, secure communication protocols, and network protection mechanisms. Particular attention is devoted to the analysis of security solutions implemented at different layers of the TCP/IP protocol stack. Students are encouraged to actively participate in class discussions and to independently review the course materials. Additional information, teaching materials, announcements, and updates will be made available through the course AulaWeb page. Students with valid certifications for Specific Learning Disorders (SLDs), disabilities or other educational needs are invited to contact the teacher and the School's contact person for disability at the beginning of teaching to agree on possible teaching arrangements that, while respecting the teaching objectives, take into account individual learning patterns. Contacts of the School's disability contact person can be found at the following link Comitato di Ateneo per l’inclusione delle studentesse e degli studenti con disabilità o con DSA | UniGe | Università di Genova SYLLABUS/CONTENT The topics covered in the lectures are: Introduction to Network Security Basic concepts and terminology. Security objectives: confidentiality, integrity, availability, authentication, and access control. Reference architecture. Cryptographic Foundations Introduction to encryption techniques. Symmetric-key cryptography. Public-key cryptography. Data Integrity and Authentication Secure hash functions. Message Authentication Codes (MACs). Digital signatures. Authentication principles and methods. Key Management Key distribution techniques. Public Key Infrastructure (PKI). Certificates and certification authorities. Security Protocols for Telecommunication Networks Link Layer Security Network Access Control (NAC). Wi-Fi security mechanisms. Network Layer Security IPsec architecture and services. Transport Layer Security SSL/TLS protocols and secure communications. Application Layer Security Secure e-mail systems. DNS security mechanisms. Network Protection Mechanisms Firewalls: principles, architectures, and deployment models. Traffic filtering and access control policies. RECOMMENDED READING/BIBLIOGRAPHY Course material available on AulaWeb (https://www.aulaweb.unige.it), including lecture slides and additional teaching resources, is sufficient for preparing for the examination. Suggested textbook for further study: William Stallings, Cryptography and Network Security: Principles and Practice, 8th Edition, Pearson, 2022. TEACHERS AND EXAM BOARD RAFFAELE BOLLA Ricevimento: Appointment upon students' requests (direct or by email). ALESSANDRO CARREGA LESSONS Class schedule The timetable for this course is available here: Portale EasyAcademy EXAMS EXAM DESCRIPTION The examination consists of a mandatory written test covering all topics included in the syllabus. The written test consists of multiple-choice questions designed to assess the student's knowledge and understanding of the theoretical concepts, security mechanisms, and protocols presented in the course. The maximum score achievable through the written test is 24/30. Students who pass the written test may optionally take an oral examination to improve their final grade. During the oral examination, students will be asked to discuss theoretical concepts, cryptographic techniques, authentication mechanisms, network security protocols, and protection technologies covered in the course. The oral examination may also include questions that require analysis of security scenarios and discussion of the operation and effectiveness of different security solutions. The final grade is determined based on the written test and, when taken, the oral examination. The oral examination allows students to demonstrate a deeper understanding of the course topics and achieve grades above 24/30, up to the maximum mark. ASSESSMENT METHODS The written examination assesses the student's knowledge and understanding of the fundamental concepts, techniques, and protocols covered in the course. Through multiple-choice questions, students are required to demonstrate familiarity with cryptographic principles, authentication mechanisms, key management techniques, security protocols, and network protection technologies. The optional oral examination is intended to assess the student's achievement of the module's learning outcomes at a deeper level. During the oral examination, students are expected to explain the operation of cryptographic and authentication mechanisms, analyze the security services provided by protocols operating at different layers of the TCP/IP architecture, and evaluate the effectiveness of network protection solutions in different application scenarios. Particular attention is given to the use of appropriate technical terminology, clarity of exposition, the ability to establish connections among different security mechanisms and protocols, and the capacity for critical reasoning on the strengths, limitations, and applicability of the technologies covered in the course. Students with Specific Learning Disorders (SLDs), disabilities, or other certified educational needs may be granted appropriate accommodations, to be agreed upon on a case-by-case basis in accordance with University of Genoa regulations and inclusion policies.
