System and Network Security
Code
8284
Academic unit
Faculdade de Ciências e Tecnologia
Department
Departamento de Informática
Credits
6.0
Teacher in charge
Henrique João Lopes Domingos
Weekly hours
4
Total hours
52
Teaching language
Português
Objectives
The course provides a survey of both the principles and practice on computer systems and network security, from theoretical foundations, base mechanisms, security standards and best-practices to design security middleware protocols and security services for distributed systems and applications. The design principles and techniques to implement secure internetworked applications in TCP/IP internetworked and large scale environments are emphasized.
Prerequisites
Required knowledge-base:
- Foundations on Computer Networks; TCP/IP protocols and internetworking programming with TCP/IP;
- Distributed Systems: Concepts, Design Principles and Paradigms;
- Operating Systems Foundations;
- Base foundations on Computer Systems Security;
The course requires the autonomy of students for hands-on practice, lab work and work-assignments, namely:
- Distributed systems programming practice (Sockets, Java-RMI, Messaging Paradigms and Web Service programmings);
- Computer systems programming practice: OS services, processes, multithread programming and concurrency control (including the experience in Unix, Linux or or Windows environments);
- Java or C++ or C# programming practice and domain of respective IDEs (ex., Eclipse, NetBeans, MS-Visual Studio, etc).
Subject matter
1. Introduction. Security and dependability in distributed systems and computer networks.
2. Advanced cryptographic methods and algorithms
3. TCP/IP Security services and applications
4. Wireless Network Security
5. WEB services security and auditing
6. Securiy and privacy services for remote and outsourced databases
7. Cloud-services and applications security and privacy
Bibliography
W. Stallings, Cryptography and Network Security - Principles and Practice, 6th Edition, Pearson, 2014.
W. Stallings, L. Brown, Computer Security - Principles and Practice. 3rd Edition, Pearson, 2014
---
Additonal readings and selected papers related to the program topics will be suggested during the course. These materials will be available for the students.
Teaching method
*) The course can also be taught in english, if required.
Lectures for motivating, presenting and discussing pricniples, concepts, foundations, paradigms, techniques, case-studies, as well as good practices and algorithms for security components, protocols and services for computer networks and distributed systems.
Lab-exercices (including programming exercices and demonstrations) are used for presenting and implementing programming techniques and to improve "hand-on" practical skills. Work-assignments and mini-projects reusing those techniques into problem-oriented cases, will be suggested as optional autonomous work or mandatory practical evaluation componets, requiring from the students the consolidation of analysis and design principles, implementation details and experimental evaluation.
Evaluation method
Assessment components:
- T1, T2: Two tests: 25% each
- Ref: each test has two parts (1h to 1h30 each part):
- Part 1 (50%) closed book
- Part 2 (50%) open book, only printed material
- T1 and T2 assessment: 0.0 to 20.0 scale
- TP1, TP2: two work-assignments/mini-projects: 20 % each
- Ref: includes SW development, report, demonstration and presentaton with discussion
- TP1 and TP2 assessment 0.0 to 5.0 scale
- P: 1 to 2 topic presentations and related demonstrations (10%)
Rules
- Frequency = 45% TP1 + 45% TP2 + 10% P
- TP1 >= 2.0/5.0 and TP2 >= 2.0/5.0
Final Assessment (FA)
- Frequency case:
- FA1 = 25% T1 + 25% T2 + 20% TP1 + 20% TP2 + 10% P
- T1 > 8.0/20.0 and T2 > 8.0/20.0
- Exam case:
- FA2 = 50% Exam + 20% TP1 + 20% TP2 + 10% P
- Option (registration for grade improvement):
- MAX ( FA1, FA2)
Grade Conditions
- TP1 and TP2 with valid objectives
- TP1 >=2/5 and TP2 >= 2/5
- Final Assessment (F1 or F2) >= 9.5/20