Understand that system security only makes sense relative to a security model, and the dichotomy security objective/attack model. Explain the fundamental dimensions of information security, relate these dimensions to concrete security requirements, and recognize the cryptographic primitives that are associated with these requirements. Identify and select cryptographic protocols relevant to the security of concrete systems. Discuss the concept of a hard problem in the context of modern cryptography and computational number theory; explain the concept of a security proof/reduction. Explain the internal operation of the most relevant cryptographic techniques and discuss the different security models under which they are proven secure.
Introduction to the fundamental dimensions of information security: confidentiality, integrity, authenticity, non-repudiation. Functionality versus security requirements. Computational problems commonly used as hardness assumptions in modern cryptography and their implication for key size determination. Cryptographic schemes: security models and security proofs. Symmetric crypto: stream and block ciphers, hash functions and authenticators. Public-key crypto: encryption schemes, digital signatures, authenticated key agreement. Identification, challenge and response mechanisms, zero-knowledge proofs.
Concept presentation and case-study analysis. Group work in tutorials and small case-studies, in some cases using specific computational tools. Group project work, with direct supervision of all the teaching staff associated with the CU. Evaluation will be based on a practical project (40% of the mark) and a final written exam (60% of the mark). A minimum of 50% will be required in both components.
Introduction to Modern Cryptography, Katz-Lindell, CRC Press, 2007.
Handbook of Applied Cryptography, Menezes-Oorschot-Vanstone, CRC Press, 2001.
To recognize and explain the relevance of distribution in the scalability and dependability of information systems. To recognize, distinguish and characterize the challenges in a distributed system with respect to the problems and abstract models. To identify and discuss the role of distributed systems (DHT, gossip, consensus) in the solutions of scalability and dependability problems. To plan, implement and evaluate distributed systems solving scalability and dependability problems.
Foundations of distributed systems: modeling, logical time and global observation, agreement and failure detection. Large scale distributed systems: gossip communication, publish/subscribe, peer-to-peer architectures, data management with eventual consistency. Fault-tolerant distributed systems: distributed transactions, group communication, strongly consistent replication.
Concept presentation and case-study analysis. Group work in tutorials and small case-studies, in some cases using specific computational tools. Group project work, with direct supervision of all the teaching staff associated with the CU. Evaluation will be based on a practical project (40% of the mark) and a final written exam (60% of the mark). A minimum of 50% will be required in both components.
Distributed Systems for System Architects, Paulo Veríssimo and Luís Rodrigues, Kluwer Academic.
Handbook of Peer-to-Peer Networking, Shen, X.; Yu, H.; Buford, J.; Akon, M. (Eds.), Springer.
Optimistic Replication, Yasushi Saito and Marc Shapiro, Journal ACM Computing Surveys.
Reliable Distributed Systems, Kenneth Birman, Springer.
Replication: Theory and Practice, B. Charron-Bost, F. Pedone, A. Schiper (Eds.), Springer.
Know the main distributed programming paradigms. Identify and discuss distributed mechanisms embedded in enterprise application middleware and cloud computing platforms. Relate distributed systems issues with key characteristics in such platforms. Plan and implement distributed systems, namely, by combining and composing middleware and cloud computing components.
Programming paradigms for inter-process communication: remote procedure and method invocation; message-based and resource-based middleware. Programming paradigms for concurrent servers: threads, events, actors, data-flow, tuple-spaces and transactional memory. Middleware for distributed systems: object oriented middleware (CORBA and JEE), message oriented middleware (AMQP and ZMQ), service orientation and the cloud (AWS and AppEngine).
Concept presentation and case-study analysis. Group work in tutorials and small case-studies, in some cases using specific computational tools. Group project work, with direct supervision of all the teaching staff associated with the CU. Evaluation will be based on a practical project (40% of the mark) and a final written exam (60% of the mark). A minimum of 50% will be required in both components.
Distributed Systems - Principles and Paradigms, Andrew Tanenbaum and Maarten van Steen, 2nd Edition, Prentice Hall.
Programming Concurrency on the JVM, Venkat Subramaniam, The Pragmatic Bookshelf.
Recognize the programming techniques that are most commonly associated with security vulnerabilities in computer systems, and apply good programming practices to minimize the risk of such vulnerabilities. Recognize the main competences and good practices necessary to an effective secure systems administration. Identify the risk associated with potential vulnerabilities of the various components in a computer system; apply mitigating and corrective measures. Define and implement security perimeters adequate to the risk level associated with various system components. Discuss the use of public key certificates and describe the main components of a Public Key Infrastructure. Apply forensic analysis techniques to computer systems in security breach scenarios.
Secure programming, buffer overflows, attacks and defenses against control takeover, identification and exploitation of vulnerabilities, secure coding. Principle of minimum privileges, access control, systems administration, session management and user authentication. Web security model, same-origin policy, sandboxing and isolation, Web applications security, cross-site scripting and SQL injection. Certification and public-key infrastructures, X.509 certificates. Network protection, relevant protocols (IPSec, HTTPS, SSH, etc.), firewalls, VPNs, intrusion detection and security tests. Malware, viruses, spyware and key-loggers; countermeasures.
Concept presentation and case-study analysis. Group work in tutorials and small case-studies, in some cases using specific computational tools. Group project work, with direct supervision of all the teaching staff associated with the CU. Evaluation will be based on a practical project (40% of the mark) and a final written exam (60% of the mark). A minimum of 50% will be required in both components.
Security Engineering, Ross Anderson, Wiley.
Secure Programming for Linux and Unix HOWTO, David Wheeler, http://www.dwheeler.com/secure-programs/.