🇵🇹 PT

Objectives

  • Provide students with skills in identifying and estimate risks associated to the components of a computer system. Implement security perimeters and appropriate corrective measures to adequately mitigate the risk.
  • Recognize the core skills and good-practices for security in system administration.
  • Provide students with skills in modeling and mapping security requirements at the various stages of the information lifecycle and the systems supporting it.
  • Recognize common programming failures that lead to security vulnerabilities, and development practices leading to increased security.
  • To establish the security of a system with respect to a security model (security properties/adversarial model).
  • To select cryptographic techniques and protocols to achieve different security requirements.

Program

  • Security concepts: properties, vulnerabilities, models, risks, attacks and controls.
  • Access control: identification, authentication, authorization, structures and reference monitor.
  • Operating system security: resource protection, hardening and restricted execution environments.
  • Network security: secure architectures and defense mechanisms.
  • Services and application security: common errors, good-practices, sandboxing and virtualization.
  • Cryptography and information security: terminology, elementary concepts and security models.
  • Symmetric cryptography: stream and block ciphers, one-way functions; MACs.
  • Asymmetric cryptography: key agreement; public-key ciphers; digital signatures; public-key certificates.

Bibliography

Atualizado: