ECTS - University of Pisa
View syllabus
NETWORK SECURITY
FABRIZIO ENRICO ERMINIO BAIARDI
Academic year2020/21
CourseCOMPUTER SCIENCE
Code303AA
Credits9
PeriodSemester 2
LanguageEnglish

ModulesAreaTypeHoursTeacher(s)
SICUREZZA DELLE RETIINF/01LEZIONI72
FABRIZIO ENRICO ERMINIO BAIARDI unimap
Obiettivi di apprendimento
Learning outcomes
Conoscenze

Capacità di applicare una analisi ed una gestione del rischio ICT che preveda i seguenti passi

a) analisi vulnerabilità

b) analisi attacchi elementari

c) analisi delle contromisure

d) definizione di politica di sicurezza

e) valutazione del rischio

f) introduzione di contromisure

g) valutazione rischio residuo
Knowledge

Discover vulnerabilities of ICT system Discover the elementary attacks enabled by these vulnerabilities Run a Penetration Test Evaluate and Manage the risk of ICT system Design and deploy countermeasures to manage the risk

Discover vulnerabilities of ICT system Discover the elementary attacks enabled by these vulnerabilities Run a Penetration Test Evaluate and Manage the risk of ICT system Design and deploy countermeasures to manage the risk

Discover vulnerabilities of ICT system Discover the elementary attacks enabled by these vulnerabilities Run a Penetration Test Evaluate and Manage the risk of ICT system Design and deploy countermeasures to manage the risk
Modalità di verifica delle conoscenze

a) progetto sperimentale

b) esame scritto e orale

c) preparazione di una lezione su un tema del corso
Assessment criteria of knowledge

The student will be assessed on his/her demonstrated ability to discuss the main course contents using the appropriate terminology. - During the oral exam the student must be able to demonstrate his/her knowledge of the course material and be able to discuss the reading matter thoughtfully and with propriety of expression.

Methods:

  • Final essay
  • Laboratory report
  • Oral report

 

Further information:
The student can select as a final exam either a seminar or some project work. In the latter case, several students may be involved in the projects

The student will be assessed on his/her demonstrated ability to discuss the main course contents using the appropriate terminology. - During the oral exam the student must be able to demonstrate his/her knowledge of the course material and be able to discuss the reading matter thoughtfully and with propriety of expression.

Methods:

  • Final essay
  • Laboratory report
  • Oral report

 

Further information:
The student can select as a final exam either a seminar or some project work. In the latter case, several students may be involved in the projects

The student will be assessed on his/her demonstrated ability to discuss the main course contents using the appropriate terminology. - During the oral exam the student must be able to demonstrate his/her knowledge of the course material and be able to discuss the reading matter thoughtfully and with propriety of expression.

Methods:

  • Final essay
  • Laboratory report
  • Oral report

 

Further information:
The student can select as a final exam either a seminar or some project work. In the latter case, several students may be involved in the projects
Capacità

capacità di condurre le analisi precedenti
Modalità di verifica delle capacità

applicazione dell'analisi ad un caso reale
Comportamenti

capacità di interagire con gli utenti di un sistema
Modalità di verifica dei comportamenti

esame di alcuni casi di studio
Prerequisiti (conoscenze iniziali)

conoscenza profonda e matura di 

a) sistemi operativi

b) supporto di linguaggi di programmazione

c) meccanismi di rete
Indicazioni metodologiche

capacità di fondere un atteggiamento di tipo adversarial con conoscenza di sistemi informatici

 
Teaching methods

Delivery: face to face

Attendance: Advised

Learning activities:

  • attending lectures
  • participation in seminar
  • preparation of oral/written report
  • participation in discussions
  • individual study
  • Laboratory work

 

Teaching methods:

  • Lectures
  • Seminar
  • project work

 

Delivery: face to face

Attendance: Advised

Learning activities:

  • attending lectures
  • participation in seminar
  • preparation of oral/written report
  • participation in discussions
  • individual study
  • Laboratory work

 

Teaching methods:

  • Lectures
  • Seminar
  • project work

 

Delivery: face to face

Attendance: Advised

Learning activities:

  • attending lectures
  • participation in seminar
  • preparation of oral/written report
  • participation in discussions
  • individual study
  • Laboratory work

 

Teaching methods:

  • Lectures
  • Seminar
  • project work

 
Programma (contenuti dell'insegnamento)

Verranno fornite tutte le nozioni necessarie per valutare e gestire il rischio informatico
Syllabus

The basic notions to evaluate and improve the security of any ICT system: Threat, threat model, vulnerability, attack, complex attack, countermeasure, risk, risk assessment Resiliency, robustness, cost effectiveness Differences between safety and reliability. Peculiarities of security of ICT systems Cloud Computing: definition and enabling technologies Security Problems of Cloud Computing Challenging Security Issues in Cloud Computing

The basic notions to evaluate and improve the security of any ICT system: Threat, threat model, vulnerability, attack, complex attack, countermeasure, risk, risk assessment Resiliency, robustness, cost effectiveness Differences between safety and reliability. Peculiarities of security of ICT systems Cloud Computing: definition and enabling technologies Security Problems of Cloud Computing Challenging Security Issues in Cloud Computing

The basic notions to evaluate and improve the security of any ICT system: Threat, threat model, vulnerability, attack, complex attack, countermeasure, risk, risk assessment Resiliency, robustness, cost effectiveness Differences between safety and reliability. Peculiarities of security of ICT systems Cloud Computing: definition and enabling technologies Security Problems of Cloud Computing Challenging Security Issues in Cloud Computing
Bibliografia e materiale didattico

Sostanzialmente materiale didattico fornito dal docente che comprende materiale preparato dal docente ed i più recenti articoli scientifici sui temi trattati.
Bibliography

Security Engineering by Ross Anderson is a recommended but not mandatory reading.

Security Engineering by Ross Anderson is a recommended but not mandatory reading.

Security Engineering by Ross Anderson is a recommended but not mandatory reading.
Indicazioni per non frequentanti

Contattare il docente
Modalità d'esame

Progetto oppure scritto + orale oppure preparazione di una lezione su un tema trattato nel corso
Updated: 31/07/2020 15:38