Vai al contenuto principale Vai al footer
Università degli Studi di Parma Università degli Studi di Parma
Second cycle degree course in
Computer engineering
Università degli Studi di Parma
Department of Engineering and Architecture

NETWORK SECURITY
cod. 1002538

borrowed from Corso di Laurea magistrale in COMMUNICATION ENGINEERING - NETWORK SECURITY + LABORATORY (UNIT 1) - cod. 1005260
Academic year 2013/14
1° year of course - Second semester
Professor
Academic discipline
Telecomunicazioni (ING-INF/03)
Field
Attività formative affini o integrative
Type of training activity
Related/supplementary
63 hours
of face-to-face activities
9 credits
hub: PARMA
course unit
in - - -
lectures timetable unavailable
exam calls
Print

Learning objectives

The course aims to provide the student with the knowledge of the main security mechanisms and protocols used for securing communications and for protecting computer networks; in particular the knowledge and understanding of:
- applied cryptography;
- main algorithms and protocols for authentication and for securing data exchanges;
- main communication security protocols;
- possible network vulnerabilities and main network protection mechanisms.

Applying knowledge and understanding are:
- analysis of authentication and data protection schemes based on symmetric and/or asymmetric cryptography;
- design of mechanisms for authentication and secure data exchange;
- configuration and use of standard security protocols and algorithms (e.g. IPSec and TLS protocols; AES, DES, 3DES, RSA cryptography algorithms; digital signature and certificates X.509 and PGP; etc.)
- use of tools for network monitoring and vulnerabilities scanning;
- configuration of systems (e.g. firewalls) for network protection.

Prerequisites

Familiarity with TCP/IP stack and networking.

Course unit content

Cryptography basics and algorithms;

Authentication mechanisms and digital signature;

Protocols for secure communications;

Main network threats, vulnerabilities, and countermeasures;

Systems for network protections.

Full programme

1) Basics of cryptography and authentication mechanisms
- Basics of symmetric (classic) cryptography and examples of algorithms (DES, 3DES, AES)
- Basics of asymmetric cryptography and examples of algorithms(RSA, Diffie-Hellman, DSA); advantages and disadvantages
- Hash and MAC functions (MD5, SHA, HMAC)
- Authentication algorithms, based on both symmetric and asymmetric cryptography
- Key exchange, agreement, and distribution
- Digital signature, digital certificates, certification authority, Public Key Infrastructure, standard X.509, PGP (Pretty Good Privacy)

2) Security protocols
- Protocols for authentication and key exchange (Kerberos, AAA, RADIUS)
- Protocols for secure communications at IP layer (IPSec/AH/ESP), and virtual private networks (VPNs)
- Protocols for secure communications at transport (SSL/TLS) and application layer

3) Network vulnerabilities and countermeasures
- Vulnerabilities of TCP/IP protocols, attacks and countermeasures (sniffing, network and port scanning, spoofing, flooding, buffer overflow, etc.)
- Firewall (packet filtering, ALG, NAT, DMZ), examples of network configurations
- Protocols for FW and NAT traversal (STUN e TURN)
- Intrusion Detection System (IDS)
- Anonymity networks

Bibliography

[1] L. Veltri, "Network Security", slides of the course, http://www.tlc.unipr.it/veltri
[2] W. Stallings, "Cryptography and Network Security: Principles and Practice", Prentice Hall

Teaching methods

Class lessons (36h), and in class exercises (6h) carried out by the teacher with students, and laboratoy acitvities.

Assessment methods and criteria

The exam can be succeeded as:
1) divided into two written examinations, at the middle and the end of the course, that complete the exam; or
2) written exam, during regular scheduled examinations.

In both cases, the exam is written and composed of multiple choice questions, open answer questions, and some exercises.
Examples of exercises are shown and solved during the course.

Other information

- - -