- Docente: Enrico Denti
- Credits: 6
- SSD: ING-INF/05
- Language: Italian
- Moduli: Enrico Denti (Modulo 1) Ambra Molesini (Modulo 2)
- Teaching Mode: Traditional lectures (Modulo 1) Traditional lectures (Modulo 2)
- Campus: Cesena
- Corso: Second cycle degree programme (LS) in Computer Engineering (cod. 0650)
Learning outcomes
The goal of this 60-hour course is to acquire familiarity with the
main issues and technologies related to the design and development
of secure Internet systems and applications. To this end, the
course aims at making students able to understand 1) the different
aspects and nuances of security, with special regard to
cryptography and digital signature issues and techniques, including
the ability to practical master the related Java-based
technologies; 2) the methodological aspects of implementing secure
systems; 3) the main access control issues, related models and
technologies.
Course contents
The course is structured in two 30-hour modules.
First module:
Security as a must in modern applications. Practical introduction
to the basics of steganography and steganalysis. The role of
cryptography and related technologies. The main approaches and use
patterns of such technologies in the e-commerce scenario and in the
exchange of legally-valid digital documents in the Public
Administration and Government. Public key infrastructures and
certification authorities. Tools and APIs for the development of
secure applications (and applets) in the Java2 platform. The SE
Linux operating system as a notable case study of secure operating
system.
Second module:
Introduction to biometric technologies. Password creation and
related weaknesses: the way towards more robust passwords.
Methodological approaches to the analysis and design of secure
systems.
Security patterns and their use for designing and implementing
secure systems.
Access control techniques: DAC, MAC, RBAC. Firewalls and web
security.
Social engineering issues in the context of building secure
systems.
Readings/Bibliography
Please see the course's web portal.
Teaching methods
The course includes both standard lectures in the classroom, based
on Powerpoint slides (whose PDF printouts are available from the
teacher's Web portal before the corresponding lecture), and lab
activities aimed at enabling students to verify "on the road" the
approach and techniques discussed, as well as to test the
effectiveness and the limits of the current technologies.Further
exercises are also proposed, interleaved with theoretical concepts.
Autonomous lab activities are welcome and promoted by suggesting
ideas and possible test projects.
Assessment methods
The final examination consists of the discussion of a project, previously proposed by the student and accepted by the teacher.
Teaching tools
The teacher's web portal ( http://edenti.deis.unibo.it)
provides updated information, copy of the slides projected and
discussed during the lecture hours, as well as some extra material
and suggested books.
The first 30-hour module is only available online, in the context
of the E-learning project of Bologna University.
Office hours
See the website of Enrico Denti
See the website of Ambra Molesini