Insegnamento INTRODUZIONE ALLA SICUREZZA INFORMATICA
| Nome del corso di laurea | Informatica |
|---|---|
| Codice insegnamento | A000702 |
| Curriculum | Comune a tutti i curricula |
| Docente responsabile | Stefano Bistarelli |
| Docenti |
|
| Ore |
|
| CFU | 6 |
| Regolamento | Coorte 2017 |
| Erogato | Erogato nel 2019/20 |
| Attività | Caratterizzante |
| Ambito | Discipline informatiche |
| Settore | INF/01 |
| Anno | 3 |
| Periodo | Primo Semestre |
| Tipo insegnamento | Opzionale (Optional) |
| Tipo attività | Attività formativa monodisciplinare |
| Lingua insegnamento | ITALIANO |
| Contenuti | Overview Cryptographic Tools User Authentication Access Control Database and Data Center Security Malicious Software Denial-of-Service Attacks Intrusion Detection Firewalls and Intrusion Prevention Systems |
| Testi di riferimento | Computer Security: Principles and Practice, Global Edition, 4/E View larger cover William Stallings Lawrie Brown ISBN-10: 1292220619 • ISBN-13: 9781292220611 |
| Obiettivi formativi | Capire il significato di sicurezza informatica nei suoi attributi di confidenzialità, integrità e disponibilità. Capire le problematiche dei sistemi Sicuri ma connessi su reti insicure. Capire le nozioni più importanti di sicurezza informatica, sicurezza di rete. |
| Prerequisiti | nessuno in particolare |
| Metodi didattici | Lezioni frontali e di laboratorio. Possibili seminari di ospiti. |
| Altre informazioni | Frequenza è fortemente consigliata. |
| Modalità di verifica dell'apprendimento | Colloquio orale della durata media di 30 minuti su argomenti di tutto il programma che evidenzia le capacità espositive dello studente, le sue capacità d'utilizzo appropriato di tecniche e nozioni fondamentali e l'approfondimento dello studio. Possibilità di specifici progetti o seminari. Su richiesta dello studente l'esame può' essere sostenuto in lingua Italiana o Inglese. Per informazioni sui servizi di supporto agli studenti con disabilità e/o DSA visita la pagina http://www.unipg.it/disabilita-e-dsa |
| Programma esteso | Overview 1.1 Computer Security Concepts 1.2 Threats, Attacks, and Assets 1.3 Security Functional Requirements 1.4 Fundamental Security Design Principles 1.5 Attack Surfaces and Attack Trees 1.6 Computer Security Strategy 1.7 Standards 1.8 Key Terms, Review Questions, and Problems PART ONE COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES Cryptographic Tools 2.1 Confidentiality with Symmetric Encryption 2.2 Message Authentication and Hash Functions 2.3 Public-Key Encryption 2.4 Digital Signatures and Key Management 2.5 Random and Pseudorandom Numbers 2.6 Practical Application: Encryption of Stored Data 2.7 Key Terms, Review Questions, and Problems User Authentication 3.1 Digital User Authentication Principles 3.2 Password-Based Authentication 3.3 Token-Based Authentication 3.4 Biometric Authentication 3.5 Remote User Authentication 3.6 Security Issues for User Authentication 3.7 Practical Application: An Iris Biometric System 3.8 Case Study: Security Problems for ATM Systems 3.9 Key Terms, Review Questions, and Problems Access Control 4.1 Access Control Principles 4.2 Subjects, Objects, and Access Rights 4.3 Discretionary Access Control 4.4 Example: UNIX File Access Control 4.5 Role-Based Access Control 4.6 Attribute-Based Access Control 4.7 Identity, Credential, and Access Management 4.8 Trust Frameworks 4.9 Case Study: RBAC System for a Bank 4.10 Key Terms, Review Questions, and Problems Database and Data Center Security 5.1 The Need for Database Security 5.2 Database Management Systems 5.3 Relational Databases 5.4 SQL Injection Attacks 5.5 Database Access Control 5.6 Inference 5.7 Database Encryption 5.8 Data Center Security 5.9 Key Terms, Review Questions, and Problems Malicious Software 6.1 Types of Malicious Software 6.2 Advanced Persistent Threat 6.2 Propagation — Infected Content - Viruses 6.3 Propagation — Vulnerability Exploit - Worms 6.4 Propagation — Social Engineering — SPAM E-Mail, Trojans 6.5 Payload — System Corruption 6.6 Payload — Attack Agent — Zombie, Bots 6.7 Payload — Information Theft — Keyloggers, Phishing, Spyware 6.8 Payload — Stealthing — Backdoors, Rootkits 6.9 Countermeasures 6.10 Key Terms, Review Questions, and Problems Denial-of-Service Attacks 7.1 Denial-of-Service Attacks 7.2 Flooding Attacks 7.3 Distributed Denial-of-Service Attacks 7.4 Application-Based Bandwidth Attacks 7.5 Reflector and Amplifier Attacks 7.6 Defenses Against Denial-of-Service Attacks 7.7 Responding to a Denial-of-Service Attack 7.8 Key Terms, Review Questions, and Problems Intrusion Detection 8.1 Intruders 8.2 Intrusion Detection 8.3 Analysis Approaches 8.4 Host-Based Intrusion Detection 8.5 Network-Based Intrusion Detection 8.6 Distributed or Hybrid Intrusion Detection 8.7 Intrusion Detection Exchange Format 8.8 Honeypots 8.9 Example System: Snort 8.10 Key Terms, Review Questions, and Problems Firewalls and Intrusion Prevention Systems 9.1 The Need for Firewalls 9.2 Firewall Characteristics and Access Policy 9.3 Types of Firewalls 9.4 Firewall Basing 9.5 Firewall Location and Configurations 9.6 Intrusion Prevention Systems 9.7 Example: Unified Threat Management Products 9.8 Key Terms, Review Questions, and Problems |