Syllabus
Topics of lectures [tentative, subject to change!]
Course overview and brainstorming on cybersecurity
- Overview of the course (including administration, marking, projects, and so on)
- An introduction to the relevance and the basic notions of Cyber Security
- Additional material
- https://www.weforum.org/reports/the-global-risks-report-2018
- www.csoonline.com/article/2130877/data-breach/the-biggest-data-breaches-of-the-21st-century.html
- https://www.darkreading.com/vulnerabilities---threats/why-information-integrity-attacks-pose-new-security-challenges/a/d-id/1331562
- https://en.wikipedia.org/wiki/Mirai_(malware)
- https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
- https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2017-PDF-E.pdf
- https://www.consorzio-cini.it/index.php/it/labcs-home/libro-bianco
- https://ec.europa.eu/info/law/law-topic/data-protection_en
- https://www.consultancy.uk/news/16068/majority-of-companies-now-hit-by-a-cybersecurity-skills-gap
- Overview of basic notions underlying Computer and Network security, CyberSecurity, and their relationships
- Additional material
- Basic principles of authentication, passwords, assurance levels, contextual authentication
- Additional material
- A bit of history, Basic notions, Symmetric and Asymmetric key encryption, AES, DES, RSA, Diffie-Hellman
- Additional material
- http://www.garykessler.net/library/crypto.html
- https://w2.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/HTML/19980716_eff_des_faq.html
- http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf
- https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture12.pdf (RSA in detail)
- https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture13.pdf (DH in detail)
- https://crocs.fi.muni.cz/public/papers/rsa_ccs17
- Digital signatures, Certificates, Public Key Infrastructure, SSL/TLS (Handshake), some security issues of TLS
- Additional material
- http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-32.pdf
- https://en.wikipedia.org/wiki/Digital_signature
- https://en.wikipedia.org/wiki/Transport_Layer_Security
- https://www.schneier.com/academic/archives/1996/11/analysis_of_the_ssl.html
- https://www.usenix.net/legacy/publications/library/proceedings/sec98/full_papers/mitchell/mitchell.pdf
- https://blog.cryptographyengineering.com/category/tlsssl/page/2/
- Introduction to consensus and trust, with applications
- Links
- Single-Sign-On, SAML, SPID, eIDAS, CIE
- Additional material
- Basic principles, classic models: Matrix model, Access Control Lists, Capabilities, Discretionary/Mandatory/Role-Based Access Control
- Additional material
- OAuth, Attribute-Based Access Control (ABAC), eXtensible Access Control Markup Language (XACML)
- Additional material
- Browser model, cookies, same-origin policy, client-side and server-side vulnerabilities (e.g., cross-site scripting, injection, phishing), MQTT and related security issues
- Reading list
- General Data Protection Regulation
- Links
- A quick overview of the main topics considered during the course