Cryptography Algorithms and Security of Information Systems (ΠΛ7)

Από Wiki Τμήματος Μαθηματικών
Αναθεώρηση ως προς 05:17, 16 Ιουνίου 2023 από τον Mathwikiadmin (συζήτηση | συνεισφορές)
(διαφορά) ← Παλαιότερη αναθεώρηση | Τελευταία αναθεώρηση (διαφορά) | Νεότερη αναθεώρηση → (διαφορά)

General

School School of Science
Academic Unit Department of Mathematics
Level of Studies Graduate
Course Code ΠΛ7
Semester 2
Course Title Cryptography Algorithms and Security of Information Systems
Independent Teaching Activities Lectures (Weekly Teaching Hours: 3, Credits: 7.5)
Course Type Specialized general knowledge
Prerequisite Courses -
Language of Instruction and Examinations

Greek

Is the Course Offered to Erasmus Students Yes (in English)
Course Website (URL) See eCourse, the Learning Management System maintained by the University of Ioannina.

Learning Outcomes

Learning outcomes

Upon completion of this course postgraduate students:

  • They will understand the fundamental concepts in the security of information systems and networks
  • They will be able to identify vulnerabilities, program-level and service-level threats, and system and network-level risk assessments, and apply methodologies for identifying and addressing such risks
  • They will be able to describe basic access control models and policies and be able to develop an appropriate security policy and the necessary protection mechanisms that will support it over an information system

They will be able to develop cryptographic algorithms and implement encryption methods over a networking environment, to develop secure service mechanisms and algorithms using programming languages such as C / C ++ and libraries such as Libgcrypt and Libmcrypt.

  • They will know the basic security features of network and network applications, methods of attacking (local-remote) and distinguish their criticality.

They will be able to distinguish the basic vulnerabilities of Web and application service systems, especially SQL-injection attacks and buffer overflows, and develop appropriate defensive mechanisms.

  • They will understand security concepts and technologies. They will have the ability to analyze the risk and synthesis of policies and technologies within an integrated IT security plan.
General Competences
  • Development and explanation of theoretical modules, presentation of specific case studies, analysis and evaluation of representative security technologies, security methods and algorithms for authentication, integrity and data encryption
  • Developing secure software applications and services
  • Making decisions, addressing real security and privacy issues
  • Strategic planning and implementation – Embellishment
  • Autonomous Work

Syllabus

  1. Basic Concepts and Definitions in the Security of Information Systems.
  2. Cryptographic issues: Symmetric, non-symmetric encryption, fraction cipher, cryptographic modes and public key cryptography flow, cryptographic summary functions, cryptanalysis.
  3. Authentication Protocols and Authentication technologies, One-way hash functions, digital certificates, digital signatures, infrastructure (PKI) and public key algorithms (RSA, DSA, Diffie-Hellman, Elliptic curve) and number theory underlies.
  4. Development and implementation of C/C++ cryptographic algorithms: Symmetric (DES, AES, 3DES, Blowfish)
  5. Implementation in C / C++ public key security mechanisms (RSA, Diffie-Hellman), and summary (MD5, SHA)
  6. Secure elections, anonymous protocols- Anonymity, Transaction Protocols, NFC protocols and security mechanisms, RFID Crypto-1 algorithm and key exchange infrastructures
  7. Malware models and categories, rootkits, viruses, exploits. Database Security: Basic concepts, models and policies for database access control and methodological framework for safe database and application services design, SQL injections, services monitoring
  8. System security and management at OS level Windows and Linux. Security issues at user level and administrative management techniques.
  9. Security of Services: Portscan attacks, Denial of Service attacks, MitM attacks, remote exploits, buffer overflows, Network Security: IP spoofing, ARP spoofing, hijacking, sniffing
  10. Security Strategies, Network Security components and mechanisms. Perimeter Network defense and safe management: Firewalls, NIDS, designing Identification and Encryption Services
  11. Presentation of SSL and x.509 certificates. Create and verify digital signature: DSA algorithm, key creation, signing, and verification. Presentation of the GPG tool for email. Creating Certificates.
  12. Perimeter defense - Firewalls: Create a firewall security policy. Secure network management: Use appropriate SNMP communication software for secure network management. Introduction to IPSec, Virtual Networks, OpenVPN Tool. Presentation of NIDS tools.
  13. Learn script programming language for Windows AutoIT for Administrative and security tasks and secure tasks-methods implementation

Teaching and Learning Methods - Evaluation

Delivery

Classroom

Use of Information and Communications Technology

Use of Micro-computers Laboratory

Teaching Methods
Activity Semester Workload
Lectures 39
Working Independently 78
Exercises - Homework 70.5
Course total 187.5
Student Performance Evaluation

Semester work and written examination

Attached Bibliography

  • Ασφάλεια Δικτύων Υπολογιστών, Σ. Γκρίτζαλης, Σ. Κάτσικας, Δ. Γκρίτζαλης, Κωδικός Ευδόξου 9675, Εκδόσεις Παπασωτηρίου-Πολιτεία, Κωδικός Ευδόξου ISBN:9789607530455, 2004.
  • Ασφάλεια Δικτύων Υπολογιστών, Α. Πομπόρτσης, Γ. Παπαδημητρίου, ISBN 960-8050-88-X, Εκδόσεις Τζιόλα, 2003.
  • Κρυπτογραφία για Ασφάλεια Δικτύων Αρχές και Εφαρμογές, W. Stallings, Κωδικός Ευδόξου 12777632, ΜΑΡΙΑ ΠΑΡΙΚΟΥ & ΣΙΑ ΕΠΕ, ISBN: 9789604117307, 2011
  • Ασφάλεια Υπολογιστών: Αρχές και Πρακτικές 3η Έκδοση, W. Stallings, L. Brown, Κωδικός Ευδόξου 50656354, Εκδόσεις Κλειδάριθμος, ISBN: 978-960-461-668-8, 2016
  • Practical Unix and Internet Security, S. Garfinkel and G. Spafford , O’Reilly, ISBN: 978-0596003234, 2003
  • Cryptography and Network Security Principles and Practice, 7th Edition, W. Stallings, Pearson Education, ISBN: 978-0134444284, 2017
  • Applied Cryptography 2nd Edition, B. Schneier, Wiley, ISBN: 978-0471117094, 1996
  • Computer Security, D. Gollmann, J. Wiley & Sons, ISBN: 978-0470741153, 2011
  • Computer Security, M. Bishop, Addison Wesley, ISBN: 978-0321247445, 2005
  • Instant AutoIT scripting, E. Fez Lazo, PACKT, ISBN: 978-1-78216-578-1, 2013
  • Building Internet Firewalls, 2nd Edition, E.D. Zwicky, S. Cooper and B. Chapman, O Reilly, ISBN: 1-56592-871-7, 2000
  • Network Intrusion Detection, 3rd Edition, S. Northcutt and J. Novak, New Riders, ISBN: 978-0735712652, 2002
  • The GNU LibGCrypt reference manual, https://www.gnupg.org/documentation/manuals/gcrypt.pdf
  • The Mcrypt library, N. Mavroyanopoulos, http://mcrypt.hellug.gr/index.html
  • Implementing a Secure Local Area Network Environment, S. Kontogiannis, http://spooky.math.uoi.gr/~skontog/diplo.pdf, 2003.