This course deals with security issues in modern networked computer systems, paying special attention to data security and protection of computer networks and networked computer applications, in a closed (Intranet) or open (Internet) environment. The course aims to teach the skills needed to perform both the analysis and design of the security features of a networked computer system.

- Knowledge of the main categories of attack against networked computer systems - Knowledge and critical evaluation of the main methodologies (encryption and digest) and technologies (PKI, firewall, VPN, TLS, S/MIME, e-documents) for computer and information security - Knowledge and critical evaluation of the security architectures for authentication and access control and ability to tailor them to the protection of networked computer systems - Ability to analyse the risks of a network application and design a solution for its protection

Ethernet local networks. Wireless networks. TCP/IP networks and applications. High-level programming (in C, C++, or Java). Operating Systems.

- (1 CFU) Computer systems (in)security: problems and attacks (sniffing, spoofing, DOS, '). - (1 CFU) Basic protection techniques: steganography, cryptography, digest, X.509 certificates, certification authorities (CA) and public-key infrastructures (PKI). - (1 CFU) Authentication techniques (password, challenges, Kerberos) and related hardware devices (token and smart-card). - (1 CFU) Network security: the IPsec standard to protect IP networks; security of the network configuration and management protocols; firewall and IDS to create protected subnets; virtual private networks (VPN); security of wireless networks. - (1 CFU) Application security: e-mail protection (PGP, S/MIME), web security (SSL, TLS) and remote access protection (SSH, TLS), securing web applications. - (1 CFU) Secure document workflow and e-commerce; national and international legislation about e documents; digital signature and e documents; the SET protocol and other e-payment systems.

The laboratory includes the development and analysis of several security solutions. There will be 5 different labs. The classroom exercises will analyse some security solutions, including those developed in the labs.

The lessons' handouts and laboratory manuals are available from the instructor's web site. An auxiliary textbook, covering many but not all the topics, is: - W. Stallings, 'Cryptography and Network Security - principles and practice', Prentice-Hall

Modalità di esame: Prova scritta (in aula); Elaborato scritto individuale;

Exam: Written test; Individual essay;

... Written exam (2 hours) about the analysis and design of security solutions. Alternatively, the student can develop an individual homework about one of the course's topics.

Gli studenti e le studentesse con disabilità o con Disturbi Specifici di Apprendimento (DSA), oltre alla segnalazione tramite procedura informatizzata, sono invitati a comunicare anche direttamente al/la docente titolare dell'insegnamento, con un preavviso non inferiore ad una settimana dall'avvio della sessione d'esame, gli strumenti compensativi concordati con l'Unità Special Needs, al fine di permettere al/la docente la declinazione più idonea in riferimento alla specifica tipologia di esame.