LEARNING OUTCOMES

The class aims at giving the students the basic knowledge about the main aspects and technologies involved in the network and telecommunication security, including short summaries about privacy issues, blockchain technologies, and the audit and risk assessment procedures. Although the most substantial part of the course is focused on the network and telecommunication security, most of the introductory concepts and techniques included in this course are relevant also for the computer security contest, which is, in any case, briefly introduced and discussed too.

AIMS AND LEARNING OUTCOMES

The main goal of the classes is to provide knowledge on the relevant aspects and techniques for realizing secure network/communication services. The main structure of the course is organized into three parts.

The first part is dedicated to refining the general concepts in terms of security architectures, models, services, and essential technologies and tools. These last include the secure hash functions, the secure random number generators, the technologies for the assurance of the data integrity, the mechanisms for the digital signatures, and the techniques for user authentication and key distribution.

The second part introduces and describes the leading security protocols used in the different network layers, i.e., WIFI security standards for the link layer, the IP-SEC protocol in the network layer, The SSL-TSL suite at the transport layer, and few examples of application layer security usage (i.e., secure email and secure DNS)

Finally, the last part includes a few additional arguments. More specifically, it presents a survey about computer security, a description of the blockchain technologies, a high-level view of the privacy problem and GDPR, and possibly a few practical examples of simple vulnerabilities.

TEACHING METHODS

Traditional lectures and possibly few practical experiences. All lesson and supporting material are in English.

SYLLABUS/CONTENT

• Secure hash functions; 
• Message Authentication Code (MAC)
• Digital signature
• Key distribution
• Telecommunication network protocols for security
  • Link Layer: NAC and WiFi Security
  • Network Layer: IP-Sec
  • Transport Layer: SSL/TSL
  • Application Layer: Secure Email and DNS
• Vulnerability examples
• Computer System Security
• Blockchain principles
• Privacy basic concepts (GDPR)

RECOMMENDED READING/BIBLIOGRAPHY

1. Course material on Aulaweb: copy of all lecture slides
2. W. Stallings, Cryptography and Network Security – Principles and Practice (7th Edition), Pearson, 2017
3. C. Koufman, R. Perlmon, M. Speciner, Network Security – Private Communications in a Public World (2nd Edition), Prectice Hall, 2002