Cryptography Algorithms and Security of Information Systems (ΠΛ7)

From the Wiki of the Department of Mathematics

General

School: School of Science
Academic Unit: Department of Mathematics
Level of Studies: Graduate
Course Code: ΠΛ7
Semester: 2
Course Title: Cryptography Algorithms and Security of Information Systems
Independent Teaching Activities: Lectures (Weekly Teaching Hours: 3, Credits: 7.5)
Course Type: Specialized general knowledge
Prerequisite Courses: -
Language of Instruction and Examinations: Greek
Is the Course Offered to Erasmus Students: Yes (in English)
Course Website (URL): See eCourse, the Learning Management System maintained by the University of Ioannina.

Learning Outcomes

Learning outcomes

Upon completion of this course, postgraduate students:

  • They will understand the fundamental concepts in the security of information systems and networks.
  • They will be able to identify vulnerabilities and program-level and service-level threats, perform system- and network-level risk assessments, and apply methodologies for identifying and addressing such risks.
  • They will be able to describe basic access control models and policies, and to develop an appropriate security policy and the protection mechanisms needed to support it in an information system.
  • They will be able to develop cryptographic algorithms and implement encryption methods in a networking environment, and to develop secure service mechanisms and algorithms using programming languages such as C/C++ and libraries such as Libgcrypt and Libmcrypt.
  • They will know the basic security features of networks and network applications and the methods of attack (local and remote), and will be able to distinguish their criticality.
  • They will be able to distinguish the basic vulnerabilities of Web and application service systems, especially SQL-injection attacks and buffer overflows, and develop appropriate defensive mechanisms.
  • They will understand security concepts and technologies. They will have the ability to analyze risk and to synthesize policies and technologies within an integrated IT security plan.

General Competences
  • Development and explanation of theoretical modules, presentation of specific case studies, analysis and evaluation of representative security technologies, security methods and algorithms for authentication, integrity and data encryption
  • Developing secure software applications and services
  • Making decisions, addressing real security and privacy issues
  • Strategic planning and implementation – Embellishment
  • Autonomous Work

Syllabus

  1. Basic Concepts and Definitions in the Security of Information Systems.
  2. Cryptographic issues: symmetric and asymmetric encryption, block ciphers, stream ciphers, cryptographic modes, public key cryptography, cryptographic hash functions, cryptanalysis.
  3. Authentication protocols and authentication technologies, one-way hash functions, digital certificates, digital signatures, public key infrastructure (PKI), public key algorithms (RSA, DSA, Diffie-Hellman, elliptic curve) and the underlying number theory.
  4. Development and implementation of cryptographic algorithms in C/C++: symmetric (DES, AES, 3DES, Blowfish).
  5. Implementation in C/C++ of public key security mechanisms (RSA, Diffie-Hellman) and hash functions (MD5, SHA).
  6. Secure elections, anonymity protocols, transaction protocols, NFC protocols and security mechanisms, the RFID Crypto-1 algorithm and key exchange infrastructures.
  7. Malware models and categories, rootkits, viruses, exploits. Database security: basic concepts, models and policies for database access control and a methodological framework for secure database and application services design, SQL injections, services monitoring.
  8. System security and management at the OS level (Windows and Linux). Security issues at user level and administrative management techniques.
  9. Security of services: portscan attacks, Denial of Service attacks, MitM attacks, remote exploits, buffer overflows. Network security: IP spoofing, ARP spoofing, hijacking, sniffing.
  10. Security strategies, network security components and mechanisms. Perimeter network defense and safe management: firewalls, NIDS, designing identification and encryption services.
  11. Presentation of SSL and X.509 certificates. Creating and verifying a digital signature: DSA algorithm, key creation, signing, and verification. Presentation of the GPG tool for email. Creating certificates.
  12. Perimeter defense - firewalls: creating a firewall security policy. Secure network management: using appropriate SNMP communication software for secure network management. Introduction to IPSec, virtual networks, the OpenVPN tool. Presentation of NIDS tools.
  13. Learning the AutoIT scripting language for Windows for administrative and security tasks and for implementing secure tasks and methods.

Teaching and Learning Methods - Evaluation

Delivery: Classroom
Use of Information and Communications Technology: Use of Micro-computers Laboratory

Teaching Methods

| Activity | Semester Workload |
|---|---|
| Lectures | 39 |
| Working Independently | 78 |
| Exercises - Homework | 70.5 |
| Course total | 187.5 |

Student Performance Evaluation: Semester work and written examination

Attached Bibliography

  • Computer Network Security (in Greek), S. Gritzalis, S. Katsikas, D. Gritzalis, Eudoxus code 9675, Papasotiriou-Politeia Publications, ISBN: 9789607530455, 2004.
  • Computer Network Security (in Greek), A. Pomportsis, G. Papadimitriou, ISBN 960-8050-88-X, Tziola Publications, 2003.
  • Cryptography for Network Security: Principles and Applications (in Greek), W. Stallings, Eudoxus code 12777632, Maria Parikou & Sia EPE, ISBN: 9789604117307, 2011
  • Computer Security: Principles and Practice, 3rd Edition (in Greek), W. Stallings, L. Brown, Eudoxus code 50656354, Kleidarithmos Publications, ISBN: 978-960-461-668-8, 2016
  • Practical Unix and Internet Security, S. Garfinkel and G. Spafford, O’Reilly, ISBN: 978-0596003234, 2003
  • Cryptography and Network Security Principles and Practice, 7th Edition, W. Stallings, Pearson Education, ISBN: 978-0134444284, 2017
  • Applied Cryptography 2nd Edition, B. Schneier, Wiley, ISBN: 978-0471117094, 1996
  • Computer Security, D. Gollmann, J. Wiley & Sons, ISBN: 978-0470741153, 2011
  • Computer Security, M. Bishop, Addison Wesley, ISBN: 978-0321247445, 2005
  • Instant AutoIT scripting, E. Fez Lazo, PACKT, ISBN: 978-1-78216-578-1, 2013
  • Building Internet Firewalls, 2nd Edition, E.D. Zwicky, S. Cooper and B. Chapman, O’Reilly, ISBN: 1-56592-871-7, 2000
  • Network Intrusion Detection, 3rd Edition, S. Northcutt and J. Novak, New Riders, ISBN: 978-0735712652, 2002
  • The GNU LibGCrypt reference manual, https://www.gnupg.org/documentation/manuals/gcrypt.pdf
  • The Mcrypt library, N. Mavroyanopoulos, http://mcrypt.hellug.gr/index.html
  • Implementing a Secure Local Area Network Environment, S. Kontogiannis, http://spooky.math.uoi.gr/~skontog/diplo.pdf, 2003.