Servizi per la didattica
PORTALE DELLA DIDATTICA

Cybersecurity

01UDROV

A.A. 2023/24

Course Language

Inglese

Course degree

Master of science-level of the Bologna process in Ingegneria Informatica (Computer Engineering) - Torino

Course structure
Teaching Hours
Teachers
Teacher Status SSD h.Les h.Ex h.Lab h.Tut Years teaching
Teaching assistant
Espandi

Context
SSD CFU Activities Area context
ING-INF/05 6 B - Caratterizzanti Ingegneria informatica
2021/22
This course deals with security issues in modern networked computer systems, paying special attention to data security and protection of computer networks and networked computer applications, in a closed (Intranet) or open (Internet) environment. The course aims to teach the skills needed to perform both the analysis and the high-level design of the security features of IT components and systems.
This course deals with advanced protection techniques for modern networked computer systems. The course aims to teach the skills needed to perform both a detailed technical analysis of the security features of IT components and systems and to design solutions to protect them.
Knowledge of the main categories of attack against IT systems. Knowledge and critical evaluation of the main concepts (encryption and digest) and technologies (PKI, firewall, VPN, TLS, S/MIME, e-documents) for IT security. Knowledge and critical evaluation of the security architectures for authentication and access control and ability to tailor them to the protection of IT systems. Ability to analyse the risks of a network application and design a solution for its protection.
Knowledge of the new and recent categories of attack against IT systems. Knowledge and critical evaluation of the advanced solutions for data and communication protection. Ability to analyse the risks of a network application and design a solution for its protection.
Foundations of telecommunication systems. Local and wide area networks, wired and wireless (Ethernet, ADSL, WiFI, GSM, IP, routing, ...). TCP/IP networks and applications. High-level programming (C, C++, or Java) and web programming (JS, PHP). Operating systems and database.
Foundations of telecommunication systems. Local and wide area networks, wired and wireless (Ethernet, ADSL, WiFI, GSM, IP, routing, ...). TCP/IP networks and applications. High-level programming (C, C++, or Java) and web programming (HTML, JS, PHP). Operating systems and database. Cryptography, data protection techniques, and security architectures (as provided by the courses "Information System Security" and "Cryptography" that are a prerequisite).
(1 CFU) Computer systems (in)security: problems and attacks (sniffing, spoofing, DOS, …), risk analysis. (1 CFU) Basic protection techniques: steganography, cryptography, digest, X.509 certificates, certification authorities (CA) and public-key infrastructures (PKI). (1 CFU) Authentication techniques (password, challenges, Kerberos) and related hardware devices (token and smart-card). (1 CFU) Network security: the IPsec standard to protect IP networks; security of the network configuration and management protocols; firewall and IDS to create protected subnets; virtual private networks (VPN); security of wireless networks. (1 CFU) Application security: e-mail protection (PGP, S/MIME), web security (SSL, TLS) and remote access protection (SSH, TLS), securing web applications. (1 CFU) Secure document workflow and e-commerce; national and international legislation about IT security; digital signature, electronic documents, GDPR (General Data Protection Regulation), forensic analysis.
(1 CFU) Public-key certificates and PKI: features, benefits, and threats. (1 CFU) Secure network channels (TLS and SSH) and security of wireless networks: features and risks. (1 CFU) Federated authentication architectures: SAML and OIDC for distributed authentication and authorization. (1 CFU) Information security: secure electronic documents; national and international legislation about IT security; GDPR (General Data Protection Regulation), forensic analysis. (1 CFU) Software security: pitfalls and design principles.
The course consists of lectures (36 hours), classroom exercises (9 hours), and laboratory (15 hours). The laboratory includes the development and analysis of several security solutions. There will be 5 different laboratory subjects.. The classroom exercises will analyse some security solutions, including those tested in the laboratory.
The course consists of lectures (36 hours), classroom exercises (9 hours), and laboratory (15 hours). The laboratory includes the development and analysis of several security solutions. There will be 5 different laboratory subjects. The classroom exercises will analyse some security solutions, including those tested in the laboratory.
Handouts of the instructor’s foils and manuals for laboratory coursework. All learning stuff is available at the instructor’s web site. An auxiliary textbook, covering many but not all the topics, is: - W. Stallings, 'Cryptography and Network Security - principles and practice', Prentice-Hall
Handouts of the instructor’s foils and manuals for laboratory coursework. All learning stuff is available at the teaching portal. An auxiliary textbook, covering many but not all the topics, is: - W. Stallings, 'Cryptography and Network Security - principles and practice', Prentice-Hall
Modalità di esame: Prova scritta (in aula); Elaborato scritto individuale;
Exam: Written test; Individual essay;
Written test (2 hours) with up to 10 open questions about the analysis and design of security solutions. The written test is a “closed book” one and the maximum grade is 30/30. Alternatively, the student can develop an individual homework about one of the course's topics, delivering a written report, optionally followed by an oral presentation. The report is evaluated up to 27/30 while the oral presentation is worth up to 3/30, for a total grade up to 30/30.
Gli studenti e le studentesse con disabilità o con Disturbi Specifici di Apprendimento (DSA), oltre alla segnalazione tramite procedura informatizzata, sono invitati a comunicare anche direttamente al/la docente titolare dell'insegnamento, con un preavviso non inferiore ad una settimana dall'avvio della sessione d'esame, gli strumenti compensativi concordati con l'Unità Special Needs, al fine di permettere al/la docente la declinazione più idonea in riferimento alla specifica tipologia di esame.
Exam: Written test; Individual essay;
Written test (90 minutes) with up to 10 open questions about the analysis and design of security solutions. The written test is a “closed book” one and the maximum grade is 30/30. Alternatively, the student can develop an individual homework about one of the course's topics, delivering a written report, optionally followed by an oral presentation. The report is evaluated up to 27/30 while the oral presentation is worth up to 3/30, for a total grade up to 30/30.
In addition to the message sent by the online system, students with disabilities or Specific Learning Disorders (SLD) are invited to directly inform the professor in charge of the course about the special arrangements for the exam that have been agreed with the Special Needs Unit. The professor has to be informed at least one week before the beginning of the examination session in order to provide students with the most suitable arrangements for each specific type of exam.
Esporta Word


© Politecnico di Torino
Corso Duca degli Abruzzi, 24 - 10129 Torino, ITALY
Contatti