Modules | Area | Type | Hours | Teacher(s) | |
SICUREZZA DELLE RETI | INF/01 | LEZIONI | 72 |
|
Capacità di applicare una analisi ed una gestione del rischio ICT che preveda i seguenti passi
a) analisi vulnerabilità
b) analisi attacchi elementari
c) analisi delle contromisure
d) definizione di politica di sicurezza
e) valutazione del rischio
f) introduzione di contromisure
g) valutazione rischio residuo
Discover vulnerabilities of ICT system Discover the elementary attacks enabled by these vulnerabilities Run a Penetration Test Evaluate and Manage the risk of ICT system Design and deploy countermeasures to manage the risk
Discover vulnerabilities of ICT system Discover the elementary attacks enabled by these vulnerabilities Run a Penetration Test Evaluate and Manage the risk of ICT system Design and deploy countermeasures to manage the risk
Discover vulnerabilities of ICT system Discover the elementary attacks enabled by these vulnerabilities Run a Penetration Test Evaluate and Manage the risk of ICT system Design and deploy countermeasures to manage the risk
a) progetto sperimentale
b) esame scritto e orale
c) preparazione di una lezione su un tema del corso
The student will be assessed on his/her demonstrated ability to discuss the main course contents using the appropriate terminology. - During the oral exam the student must be able to demonstrate his/her knowledge of the course material and be able to discuss the reading matter thoughtfully and with propriety of expression.
Methods:
Further information:
The student can select as a final exam either a seminar or some project work. In the latter case, several students may be involved in the projects
The student will be assessed on his/her demonstrated ability to discuss the main course contents using the appropriate terminology. - During the oral exam the student must be able to demonstrate his/her knowledge of the course material and be able to discuss the reading matter thoughtfully and with propriety of expression.
Methods:
Further information:
The student can select as a final exam either a seminar or some project work. In the latter case, several students may be involved in the projects
The student will be assessed on his/her demonstrated ability to discuss the main course contents using the appropriate terminology. - During the oral exam the student must be able to demonstrate his/her knowledge of the course material and be able to discuss the reading matter thoughtfully and with propriety of expression.
Methods:
Further information:
The student can select as a final exam either a seminar or some project work. In the latter case, several students may be involved in the projects
capacità di condurre le analisi precedenti e di presentare il risultato
applicazione dell'analisi ad un caso reale svolta mediante produzione di una relazione o di un seminario
capacità di interagire con gli utenti di un sistema
esame di alcuni casi di studio
conoscenza profonda e matura di
a) sistemi operativi
b) supporto di linguaggi di programmazione
c) meccanismi di rete
capacità di fondere un atteggiamento di tipo adversarial con conoscenza di sistemi informatici
interesse ad individuare debolezze e difetti di un sistema e valutare la possibilità di sfruttarli per sovvertire il normale funzionamento
Delivery: face to face
Attendance: Advised
Learning activities:
Teaching methods:
Delivery: face to face
Attendance: Advised
Learning activities:
Teaching methods:
Delivery: face to face
Attendance: Advised
Learning activities:
Teaching methods:
Verranno fornite tutte le nozioni necessarie per valutare e gestire il rischio informatico
The basic notions to evaluate and improve the security of any ICT system: Threat, threat model, vulnerability, attack, complex attack, countermeasure, risk, risk assessment Resiliency, robustness, cost effectiveness Differences between safety and reliability. Peculiarities of security of ICT systems Cloud Computing: definition and enabling technologies Security Problems of Cloud Computing Challenging Security Issues in Cloud Computing
The basic notions to evaluate and improve the security of any ICT system: Threat, threat model, vulnerability, attack, complex attack, countermeasure, risk, risk assessment Resiliency, robustness, cost effectiveness Differences between safety and reliability. Peculiarities of security of ICT systems Cloud Computing: definition and enabling technologies Security Problems of Cloud Computing Challenging Security Issues in Cloud Computing
The basic notions to evaluate and improve the security of any ICT system: Threat, threat model, vulnerability, attack, complex attack, countermeasure, risk, risk assessment Resiliency, robustness, cost effectiveness Differences between safety and reliability. Peculiarities of security of ICT systems Cloud Computing: definition and enabling technologies Security Problems of Cloud Computing Challenging Security Issues in Cloud Computing
Sostanzialmente materiale didattico fornito dal docente che comprende materiale preparato dal docente ed i più recenti articoli scientifici sui temi trattati.
Il testo di riferimento a livello metodologico e complessivo resta "Security Engineering" di Ross Anderson di cui esistono 3 versioni, tutte possono essere accedute gratuitamente.
Security Engineering by Ross Anderson is a recommended but not mandatory reading.
Security Engineering by Ross Anderson is a recommended but not mandatory reading.
Security Engineering by Ross Anderson is a recommended but not mandatory reading.
Contattare il docente
Seguire il sito web del corso
Progetto oppure scritto + orale oppure preparazione di una lezione su un tema trattato nel corso
E' possibile organizzare tirocini presso aziende di sicurezza