17629 - Computer System Security

Course Unit Page

  • Teacher Ozalp Babaoglu

  • Credits 6

  • SSD INF/01

  • Teaching Mode Traditional lectures

  • Language Italian

SDGs

This teaching activity contributes to the achievement of the Sustainable Development Goals of the UN 2030 Agenda.

Industry, innovation and infrastructure

Academic Year 2018/2019

Learning outcomes

The objective of the course is to present the theory, mechanisms, techniques and tools that are effective in increasing the security of a computer system. At the end of the course, the student will be familiar with the mathematical foundations of modern cryptography, authentication, authorization and access control mechanisms that are suitable for achieving confidentiality, integrity and availability of computer systems.  The student will also acquire the knowledge necessary to assess the potentials and limitations of current technologies.

Course contents

  • Introduction
  • Trustworthiness, Network Information Systems, Security Policies    
  • Symmetric (secret key) and Asymmetric (public key)  Cryptography
  • One-time-pad, DES algorithm for symmetric cryptography
  • RSA algorithm for asymmetric cryptography
  • Authentication, digital signatures, Message Authentication Codes
  • Key Management
  • Kerberos
  • Certificates, Public-Key-Infrastructures
  • PGP
  • Key Escrow
  • Internet security: SSL
  • User authentication: Passwords, tokens, biometrics
  • Strong authentication, 2-factor authentication
  • Access control
  • Internet Security: Virtual Private Networks, Firewalls, IPSec
  • Intrusion Detection Systems

Readings/Bibliography

  • Computer Security: Principles and Practice (4th Edition), Stallings and Brown, Pearson, 2018.
  • Computer Security: Art and Science (2nd Edition), Matt Bishop, Addison-Wesley, 2018.

Teaching methods

The Course is worth 6 credits and consists of lectures together with five programming exercises to complete individually during the semester.

Assessment methods

The final exam for the Course aims to verify achievement of the stated objectives:

  • understanding the principal threats to security in modern computing systems
  • understanding the mathematical foundations for modern cryptography
  • understanding the benefits and limits of modern cryptographic algorithms and protocols 
  • analyzing the vulnerabilities of a computing system
  • formulating a security roadmap for a modern computing system

The final grade for the Course will be obtained through a weighted average of the final exam score and the outcomes for the five programming exercises.

Teaching tools

The lectures utilize overhead slides projected from a laptop computer together with a white board. The material presented during lectures will be made available in electronic format for downloading from the Course web site.  Completing the programming exercises require interacting with the Course teaching assistant via email.

Links to further information

http://www.cs.unibo.it/babaoglu/courses/security/

Office hours

See the website of Ozalp Babaoglu