Network and Computer Systems Security

Objectives

Available soon

General characterization

Code

11619

Credits

6.0

Responsible teacher

Henrique João Lopes Domingos, José Augusto Legatheaux Martins

Hours

Weekly - 4

Total - 48

Teaching language

Português

Prerequisites

Prior knowledge on:

  • Foundations of computer networks, protocols and services, particularly standard protocols and services in the TCP/IP stack;
  • Foundations, principles and programming paradigms for the design and operation of distributed systems and applications
  • Operating systems foundations

including:

practical skills on distributed programming and use of software development tools (ex, Eclipse IDE or any other IDE amd development of Java and Maven Projects) and practice with programming languages* (ex., Java, C#, C++ ). It is also required initial experience in using UNIX-based systems (ex, Linux distributions or Mac-OS and use of shell-based environment), as well as initial experience in installing and using virtualization environments (ex, VBox or VMware), or containerized and virtualized software components and applications (ex, Docker, Docker Composing). 

Previous practice in TCP/IP and distributed systems programming (using sockets, RMI and REST or Rest-Based Web Services).

 

Bibliography

- W. Stallings,  Cryptography and Network Security - Principles and Practice, Pearson 8/E, 2020

- W. Stallings, L. Brown,  Computer Security: Principles and Practice, Pearson 4/E, 2018

- Katz, Lendell, Introduction to oder Cryptography,  2/E., CRC, 2015

Additional refs.:

- W. Stallings,  Network Security Essentials - Applications and Services, Pearson, 6/E, 2016

- Gollmann, Computer Security, 3rd Ed, Wiley, 2011

- B. Schneier, Applied Cryptography, 1996, Wiley

- A. Zúquete, Segurança em Redes Informáticas, 5ª Ed., 2018, Ed. FCA

Teaching method

The course is organized in lectures for presenting and discussing foundations, concepts, principles, paradigms, techniques or algorithms.

Labs are organized for presenting computer and network security techniques (following the program), involving the demonstration of such techniques or related components and development of practical work assignments including the mandatory assessment assignments. Some sessions are planned for discussing practical solutions on proposed problems, as well as support for implementation of the assessment projects or work-assignments.

Assessment components

  • 2 frequency tests (midterm): T1, T2
    • Cover the program topics
    • Tests with 2h30m (ref)
      • 1h-1h30m: closed book questions
      • 1h-1h30m: open book questions (printed and individual sources). Can include practical questions from lab exercises, as well as, evaluation questions related to work-assignments
  • 2 Work-Assignments as mini-projects: TP1,  TP2
  • Developed individually or in workgroups (2 students maximum)
    • Group members must have at least 65% presences in classes
    • Practical evaluaton will have an individual assessment factor, so the practical evauation will be individual (independently of groups)
  • Evaluation includes: development, completeness, quality, correctness and practical evaluation
  • Students may eventually be scheduled for proof of implementation, demonstration and complementary discussion of assignments.



Grade conditions1

Obs) The assessment rules below can be modified, depending on possible orientations or situation due to the Covid-19 pandemic. 

- Frequency

  • Frequency Assessment AF = 40% (TP1) + 60% (TP2)
  • Frequency condition (AF): AF >= 9,5/20

- Grade with Frequency (AC)

  • Frequency condition
  • Midterm Evaluation AC = 35% AF + 30% (T1) + 35% (T2)
  • Grade condition (AC): AC >= 9,5/20 and average (T1, T2) >= 9,5/20 

- Grade with Appeal Exam (ER)

  • Frequency condition
  • Final assessment with Appeal Exam AER = 40% AF + 60% ER
  • Grade with Appeal Exam (AER): AER >= 9,5/20 and ER >= 9,5/20

1) Students with frequency and exam (appeal) access conditions obtained in 2018/2019 can use the obtained frequency classification.

Evaluation method

 Assessment components and rules

Obs) these are the assessment methods and rules initially established as reference. Changes or adaptations can be done depending on the Convid-19 Pandemic situation and particular instructions in FCT/UNL

  • 2 frequency tests (midterm): T1, T2, covering the program topics
    • Tests initially planned for physical presence (face-to-face)
    • Closed-book tests. Students cannot use electronic devices, computers, mobile/smart phones, tablets or any equipment with communication capacity 
  • Two project-assignments: TP1, TP2 
    • Individual or gour-development (two students max.) but with individual submission by electronic means (even when the projects are developed in group)
    • Submission on the defined deliverable dates: submission form, with questions, attachments -report and code (sources and binaries/executables) with code managed and available in a development platform (GitHub prjoject)
    • TP1 and TP2 evaluation will be complemented by an individual practical test component (initially planned to be conducted presentially) - up to 20% of the evaluation of TPs
    • Information about class-participation (exercices, hands-on activities in lab-classes) can be used as a complementary adjustement factor for individual pratical evaluation

Grade conditions1

- Frequency

  • Frequency AF = 40% (TP1) + 60% (TP2)
  • Frequency condition (AF): AF >= 98/20 with TP2 >=9,5/20
  • Students with frquecy obtained in 2019/2020 can use this evaluation, with the final evaluation using the current rules in 2020/2021.

Grade with Frequency (AC)

  • Frequency condition
  • Midterm Evaluation AC = 40% AF + 25% (T1) + 35% (T2)
  • Grade condition (AC): AC >= 9,5/20 and average (T1, T2) >= 9,5/20 

- Grade with Appeal Exam (ER)

  • Frequency condition
  • Final assessment with Appeal Exam AER = 40% AF + 60% ER
  • Grade with Appeal Exam (AER): AER >= 9,5/20 and ER >= 9,5/20

Subject matter

1. Introduction

2. Foundations and models for computer systems and network security

  • Security Frameworks: OSI X.800, ANSI, NIST/FIPS PUB
  • Other Security Frameworks and Organizational Security Standards
  • Distributed Systems Security: Communication Security, Perimeter Defenses and Systems Security 
  • TCP/IP Stack: Security services and standards
  • Systems for perimeter defenses
  • Isolation, containment and trusted execution environments

3. Applied cryptography and cryptographic tools

  • Symmetric encryption: methods, algorithms and standards.
    • Use and programming  with secure symmetric constructions 
    • Patterns with mode and padding parameterizations: PKCS patterns
    • Cipher modes of operation: ECB, CBB, PCBC, OFB, CFB, CTR
    • Authenticated modes: GCM and CCM
  • Public-key cryptography: methods and algorithms
    • Secure constructions using asymmetric cryptography.
    • Secure envelopes using assymetric cryptography: RSA with PKCS and OAEP patterms. Eliptic curves: algorithms, use and programming.
  • Digital signatures: standards, parameterizations and programming constructions: RSA PKCS#1, DSA and ECDSA
    • Threshold-based Digital Signatures
  • Diffie Helmman method and generalizations: Group-Oriented Diffie Hellman Methods
  • Secure hash functions and authentication codes
    • Secure hashing algorithms
    • Authentication codes. MACs, HMACs and CMACs
  • Key distribution and establishment of security associations
  • Design and implementation of secure channels
  • Emerging cryptographic methods
    • Identity-based cryptography
    • Homomorphic cryptography
    • Post-quantum cryptography

4. Authentication and access control

  • Authenticated key-distribution and secrecy establishment
  • Basic authentication protocols and services: PAP, CHAP and RADIUS
  • Kerberos system
  • X509 Authentication and PKI/PKIX model and framework
  • Single Sign On and AAA systems
  • User authentication
    • Systems and technology for user authentication
    • Authentication factors and multifactor authentication
  • Access control models and methods
    • MAC, DAC, RBAC, ABAC and CBAC policy models
    • Mechanisms for permissions control
  • Federated identity management (FIM)

5. TCP/IP stack security services and standards

  • WEB security and HTTPS
  • TLS security stack
  • SSH
  • EMail security
    • POP3S, IMAPS, SMTPS, S/MIME, PGP, DKIM and DMARC
  • DNS security and DNSSEC
  • Security auditing of base standards for Internet security
  • IP level Security
    • IPSec stack: ESP, AH, IKE and ISAKMP
  • Secure virtual private networks
  • Security at IP routing level: attacks and countermeasures: Secure-BGP
  • Network access control and LAN/WLAN Security: EAP,  802.1x and 802.11i

6. Systems security

  • Security at operating system level
  • Security and virtualization
  • Software and Firmware Attestation: Trusted Platform Modules (TPMs)
  • Containment and isolation: protection of trustable computations
  • HW technology for trusted execution environments (TEEs)
  • Intrusion detection and intrusion prevention
  • Techniques and systems for perimeter defense
  • Operational security: IDS (NIDS, HIDS and DIDS), IPSs and Firewalls
  • SIEM and SOC-oriented systems
  • Honeypots and Honeynets
  • Security auditing and vulnerability assessment

Programs

Programs where the course is taught: