Sicurezza dei sistemi informatici

Dipartimento di Informatica Sistemistica e Telematica – Università degli Studi di Genova

Insegnamento mutuato dal Corso di Laurea Specialistica in “Ingegneria informatica”, Genova, con l’obiettivo di affrontare i fondamenti della sicurezza su reti e su sistemi informatici; in particolare verranno affrontati temi di crittografia, system security, network security e web security.

  1. Introduction
    1. Introduction to Computer Security
    2. The concepts of resource, vulnerability, threat, countermeasure, and risk
    3. Security goals: confidetiality, integrity, availability, …
  2. Introduction to Cryptography
    1. Fundamental concepts (cryptography, criptoanalysis, general cryptographic schema)
    2. Monoalphabetic substitution ciphers, Polyalphabetic substitution ciphers, One-time pads
    3. Transposition ciphers
    4. Composite ciphers
    5. Introduction to symmetric cryptography
    6. Introduction to public-key cryptography
  3. Message Authentication and Digital Signatures
    1. Message integrity and authentication functions (message encryption, message authentication code, cryptographic hash functions)
    2. Digital signature
  4. Public Key Infrastructure (PKI)
    1. PKI components
    2. Certificates
    3. Trust models
    4. Key/certificate revocation and recovery
  5. Authentication Protocols
    1. Basic notions (protocol exection, assumptions and goals, attacker model)
    2. Examples of protocols (NSPK, Otway-Rees, Andrew Secure RPC, Denning & Sacco)
  6. Web Security
    1. Security on the client side (cookies and privacy, HTTP authentication mechanisms)
    2. Security on the server side (unvalidated input, broken authentication and session management, cross-site scripting, injection flaws, denial of service, …)

Bibliografia di riferimento:

  • Esame preparato su materiali didattici in lingua inglese forniti dal docente (Prof. Alessandro Armando) con il supporto del testo, in italiano, M. Fugini – F. Maio – P. Plebani. Sicurezza dei Sistemi Informatici. Apogeo, 2001


Annunci