Learning objectives
The objective of this course is to analyze the main mechanisms and protocols for network security. It deals with the bases of modern cryptography, the various security protocols, possible network threats, and secure countermeasures.
Prerequisites
Familiarity with TCP/IP stack and networking. One of these courses is suggested: Reti di Telecomunicazioni A, Telematica A, or Reti di Calcolatori A
Course unit content
1) Introduction to modern cryptography<br />Symmetric cryptography (3DES, AES, etc) and asymmetric cryptography (RSA, Diffie-Hellman)<br />Hash functions and Message digest<br />Digital signature, digital certificates, certification authorities, X.509/ PKI (Public Key Infrastructure) and PGP (Pretty Good Privacy)<br /><br />2) Protocols for network security<br />Authentication protocols (CHAP, EAP, RADIUS, Diameter)<br />Communication security at IP layer (IPSec), and transport/application layer (TLS, SSH)<br />Virtual Private Networks<br />Security in wireless local access (IEEE 802.1x, IEEE 802.11i)<br /><br />3) TCP/IP vulnerabilities<br />Possible attacks and countermeasures (sniffing, network and port scanning, IP spoofing, flooding, buffer overflow, etc)<br /><br />4) Network security<br />Firewalls (packet filtering, application level gateways, proxy, NAT, bastion host, DMZ), and <br />Intrusion Detection Systems (IDS)<br />
Full programme
- - -
Bibliography
[1] W. Stallings, "Cryptography and Network Security: Principles and Practice" 3th Edition, Prentice Hall<br />[2] C. Kaufman, R. Perlman, M. Speciner, "Network Security: Private Communication in a Public World" 2nd Edition, Prentice Hall<br />
Teaching methods
Laboratory activities on vulnerability scanning, firewall configuration, digital certificate management, VPN/IPSec configuration, and other topics.
Assessment methods and criteria
- - -
Other information
- - -