OVERVIEW

The course aims to provide the student with a basic knowledge of the main aspects and technologies relating to the security of telecommunications networks, with the basic concepts, reference terminology, security architectures, and the main encryption techniques (symmetrical and asymmetrical) being summarised at the beginning of the course. It is noted that, although the proposed content is mainly focused on network and telecommunications security topics, most of it is also relevant to the general context of computer security.

AIMS AND CONTENT

LEARNING OUTCOMES

The class aims at giving the students the basic knowledge about the main aspects and technologies involved in the network and telecommunication security, including short summaries about privacy issues, blockchain technologies, and the audit and risk assessment procedures. Although the most substantial part of the course is focused on the network and telecommunication security, most of the introductory concepts and techniques included in this course are relevant also for the computer security contest, which is, in any case, briefly introduced and discussed too.

AIMS AND LEARNING OUTCOMES

The course's main objective is to provide a basic knowledge of the main aspects and techniques required to implement secure network and telecommunications services. The class is structured in two main parts.

The first part, after a concise reminder of the basic concepts, architectures, and main encryption techniques, completes the knowledge of the fundamental technologies with the presentation and discussion of secure hash functions, causal number generation mechanisms for security applications, data integrity assurance technologies, digital signature mechanisms, key distribution techniques and finally authentication approaches and solutions.

The second part introduces and describes the most relevant security protocols in use at the different network layers, in particular in the case of the line layer, the protocols and mechanisms adopted on both wired and wireless LANs, the IPSec protocol for the network layer, the SSL-TSL protocols for the transport layer, and at the application layer secure e-mail and DNS protection mechanisms. As a final topic, firewalls' operation and use are addressed.

At the end of the course, the student is familiar with the leading cyber security techniques used in telecommunications networks, can identify the most suitable solutions for securing different network contexts, and can critically analyze approaches that have already been adopted or proposed.

PREREQUISITES

[11:56] Raffaele Bolla

The student, to understand the course, need to have followed and studied the course Internet Technologies: Architectures and Protocols (90147) or to know about the following arguments 

• Basic concepts of data networking, 
• Circuit and packet switching
• Functional architectures
  • ISO OSI architecture
  • TCP/IP architecture, 
• Physical layer main characteristics (cables, optical fiber)
• Data layer essential characteristics
  • Ethernet/IEEE 802.3 protocol
  • Layer 2 bridging/switching
  • WiFi
• IPv4 basic concepts, including routing algorithms and protocols.
• TCP/UDP basic knowledge.
• Application level: Email, DNS
• Security related terminologies, security requirements, security mechanisms, attack types, security architectures, and models.
• Fundamentals of cryptography: classical cryptographic techniques; symmetric ciphers (block ciphers: DES and AES); block encryption operation mode, stream encryption, public-key cryptography (RSA, Diffie-Hellman, ECC).

TEACHING METHODS

Traditional direct lessons with application experience in network, transport, application layers, and firewalls. Please note that both support material and lectures are in English.

SYLLABUS/CONTENT

• Secure hash functions
• Message Authentication Code (MAC)
• Digital signature
• Key distribution techniques
• Authentication methods
• Telecommunication network protocols for security
  • Link Layer: NAC and WiFi Security
  • Network Layer: IP-Sec
  • Transport Layer: SSL/TSL
  • Application Layer: Secure Email and DNS
• Firewalls

RECOMMENDED READING/BIBLIOGRAPHY

1. Course material on Aulaweb: copy of all lecture slides
2. W. Stallings, Cryptography and Network Security – Principles and Practice (8th Global Edition), Pearson, 2022

TEACHERS AND EXAM BOARD

Exam Board

RAFFAELE BOLLA (President)

ROBERTO BRUSCHI (President)

FRANCO DAVOLI

IGOR BISIO (President Substitute)

LESSONS

LESSONS START

https://corsi.unige.it/10378/p/studenti-orario

Class schedule

The timetable for this course is available here: Portale EasyAcademy

EXAMS

EXAM DESCRIPTION

The examination consists of an initial multiple-choice written test followed by an oral assessment. The examined students only access the oral assessment if they obtain a score above a minimum threshold of sufficiency on the test.

ASSESSMENT METHODS

The test aims to verify the presence of a minimum level of knowledge. The oral exam has the task of ascertaining the level of critical capacity and reasoning acquired by the student on the course topics through pointed questions on the various technologies, requests to outline possible solutions to application problems, and the critical analysis of predefined scenarios and situations. The examination consists of an initial multiple-choice written test followed by an oral assessment. The examined students only access the oral assessment if they obtain a score above a minimum threshold of sufficiency on the test.

Students with learning disorders ("disturbi specifici di apprendimento", DSA) will be allowed to use specific modalities and supports that will be determined on a case-by-case basis in agreement with the delegate of the Engineering courses in the Committee for the Inclusion of Students with Disabilities.

Exam schedule