CODE 104781 ACADEMIC YEAR 2021/2022 CREDITS 5 cfu anno 2 INTERNET AND MULTIMEDIA ENGINEERING 10378 (LM-27) - GENOVA SCIENTIFIC DISCIPLINARY SECTOR ING-INF/05 LANGUAGE English TEACHING LOCATION GENOVA SEMESTER 1° Semester MODULES Questo insegnamento è un modulo di: SECURITY, 5G AND IOT TEACHING MATERIALS AULAWEB AIMS AND CONTENT LEARNING OUTCOMES The class aims at giving the students the basic knowledge about the main aspects and technologies involved in the network and telecommunication security, including short summaries about privacy issues, blockchain technologies, and the audit and risk assessment procedures. Although the most substantial part of the course is focused on the network and telecommunication security, most of the introductory concepts and techniques included in this course are relevant also for the computer security contest, which is, in any case, briefly introduced and discussed too. AIMS AND LEARNING OUTCOMES The main goal of the classes is to provide knowledge on the relevant aspects and techniques for realizing secure network/communication services. The main structure of the course is organized into three parts. The first part is dedicated to refining the general concepts in terms of security architectures, models, services, and essential technologies and tools. These last include the secure hash functions, the secure random number generators, the technologies for the assurance of the data integrity, the mechanisms for the digital signatures, and the techniques for user authentication and key distribution. The second part introduces and describes the leading security protocols used in the different network layers, i.e., WIFI security standards for the link layer, the IP-SEC protocol in the network layer, The SSL-TSL suite at the transport layer, and few examples of application layer security usage (i.e., secure email and secure DNS) Finally, the last part includes a few additional arguments. More specifically, it presents a survey about computer security, a description of the blockchain technologies, a high-level view of the privacy problem and GDPR, and possibly a few practical examples of simple vulnerabilities. TEACHING METHODS Traditional lectures and possibly few practical experiences. All lesson and supporting material are in English. SYLLABUS/CONTENT Secure hash functions; Message Authentication Code (MAC) Digital signature Key distribution Telecommunication network protocols for security Link Layer: NAC and WiFi Security Network Layer: IP-Sec Transport Layer: SSL/TSL Application Layer: Secure Email and DNS Vulnerability examples Computer System Security Blockchain principles Privacy basic concepts (GDPR) RECOMMENDED READING/BIBLIOGRAPHY Course material on Aulaweb: copy of all lecture slides W. Stallings, Cryptography and Network Security – Principles and Practice (7th Edition), Pearson, 2017 C. Koufman, R. Perlmon, M. Speciner, Network Security – Private Communications in a Public World (2nd Edition), Prectice Hall, 2002 TEACHERS AND EXAM BOARD RAFFAELE BOLLA Ricevimento: Appointment upon students' requests (direct or by email). Exam Board RAFFAELE BOLLA (President) ROBERTO BRUSCHI (President) FRANCO DAVOLI IGOR BISIO (President Substitute) LESSONS LESSONS START https://corsi.unige.it/10378/p/studenti-orario Class schedule The timetable for this course is available here: Portale EasyAcademy EXAMS Exam schedule Data appello Orario Luogo Degree type Note 10/01/2022 10:00 GENOVA Scritto + Orale 24/01/2022 10:00 GENOVA Scritto + Orale 14/02/2022 10:00 GENOVA Scritto + Orale 08/06/2022 11:30 GENOVA Scritto + Orale 27/06/2022 11:30 GENOVA Scritto + Orale 11/07/2022 11:30 GENOVA Scritto + Orale 12/09/2022 11:00 GENOVA Scritto + Orale