LEARNING OUTCOMES

The class aims at giving the students the basic knowledge about the main aspects and technologies involved in the network and telecommunication security, including short summaries about privacy issues, blockchain technologies, and the audit and risk assessment procedures. Although the most substantial part of the course is focused on the network and telecommunication security, most of the introductory concepts and techniques included in this course are relevant also for the computer security contest, which is, in any case, briefly introduced and discussed too.

AIMS AND LEARNING OUTCOMES

The course's main objective is to provide a basic knowledge of the main aspects and techniques required to implement secure network and telecommunications services. The class is structured in two main parts.

The first part, after a concise reminder of the basic concepts, architectures, and main encryption techniques, completes the knowledge of the fundamental technologies with the presentation and discussion of secure hash functions, causal number generation mechanisms for security applications, data integrity assurance technologies, digital signature mechanisms, key distribution techniques and finally authentication approaches and solutions.

The second part introduces and describes the most relevant security protocols in use at the different network layers, in particular in the case of the line layer, the protocols and mechanisms adopted on both wired and wireless LANs, the IPSec protocol for the network layer, the SSL-TSL protocols for the transport layer, and at the application layer secure e-mail and DNS protection mechanisms. As a final topic, firewalls' operation and use are addressed.

At the end of the course, the student is familiar with the leading cyber security techniques used in telecommunications networks, can identify the most suitable solutions for securing different network contexts, and can critically analyze approaches that have already been adopted or proposed.

PREREQUISITES

[11:56] Raffaele Bolla

The student, to understand the course, need to have followed and studied the course Internet Technologies: Architectures and Protocols (90147) or to know about the following arguments 

• Basic concepts of data networking, 
• Circuit and packet switching
• Functional architectures
  • ISO OSI architecture
  • TCP/IP architecture, 
• Physical layer main characteristics (cables, optical fiber)
• Data layer essential characteristics
  • Ethernet/IEEE 802.3 protocol
  • Layer 2 bridging/switching
  • WiFi
• IPv4 basic concepts, including routing algorithms and protocols.
• TCP/UDP basic knowledge.
• Application level: Email, DNS
• Security related terminologies, security requirements, security mechanisms, attack types, security architectures, and models.
• Fundamentals of cryptography: classical cryptographic techniques; symmetric ciphers (block ciphers: DES and AES); block encryption operation mode, stream encryption, public-key cryptography (RSA, Diffie-Hellman, ECC).

TEACHING METHODS

Traditional direct lessons with application experience in network, transport, application layers, and firewalls. Please note that both support material and lectures are in English.

SYLLABUS/CONTENT

• Secure hash functions
• Message Authentication Code (MAC)
• Digital signature
• Key distribution techniques
• Authentication methods
• Telecommunication network protocols for security
  • Link Layer: NAC and WiFi Security
  • Network Layer: IP-Sec
  • Transport Layer: SSL/TSL
  • Application Layer: Secure Email and DNS
• Firewalls

RECOMMENDED READING/BIBLIOGRAPHY

1. Course material on Aulaweb: copy of all lecture slides
2. W. Stallings, Cryptography and Network Security – Principles and Practice (8th Global Edition), Pearson, 2022