Base Knowledge
Computer Networks.
Teaching Methodologies
The following teaching methodologies are used in this course:
1 – Expository method: explanatory method where theoretical foundations and concepts are presented by
the teacher and discussed with the class, followed by demonstrative examples;
2 – Experimental method: active method where the student develops knowledge through problem solving,
and via the development of individual or group laboratory projects.
Learning Results
At the end of the course the student should be able to:
1. Define and explain the security elements. Indicate the importance of security policies in information systems. Justify and discuss modern security threats.
2. Explain the main types of authentication protocols. Analyze and identify the different forms of authentication. Discuss and demonstrate the use of authentication protocols in wireless networks.
3. Classify the different types of encryption. List the classic and modern encryption algorithms. Explain the features of symmetric encryption. Summarize symmetric encryption types and cipher modes. Discuss how asymmetric encryption works. Synthesize the approaches available to manage public keys, and demonstrate using PGP.
4. Illustrate and analyze the algorithms for integrity control, authentication and non-repudiation . Explain how a digital signature works. Discuss and illustrate the use of a digital signature through the citizen card.
5. Identify the different auditing techniques. Design, create and modify solutions that allow systems monitoring. Demonstrate the use of intrusion detection and prevention software.
6. List and analyze the different types of VPN. Explain and justify the existence of different types of firewalls. Illustrate the installation and configuration of a VPN and a firewall.
7. Recognize the different software security techniques. Discuss database security techniques. Analyze security in electronic commerce and transactions. Summarize the main aspects and techniques of security involving operating systems.
Program
1. Security concepts. Security elements: authentication, confidentiality (encryption), integrity, authorization, non-repudiation. Security policies in information systems. The ISO 17799 standard. Modern security threats. Types of malware (viruses, worms, trojan horses) and attacks (recognition, access and DoS). Types of vulnerabilities.
2. Authentication. Protocols. Types: mutual, session keys, entity-mediated, indirect, Single Sign-On (SSO). Person authentication: memorized password, shared secret key, private key, one-time passwords, biometrics, integrating middleware (PAM). Server authentication. Wireless networks: IEEE 801.1x and EAP. Authentication services: Kerberos, RADIUS.
3. Confidentiality. Classification. Classic Encryption. Transposition. Substitution (monoalphabetic, polyalphabetic). Modern encryption. Symmetric encryption (blocks, stream). Encryption modes (ECB, CBC, CFB, OFB, CTR). Asymmetric encryption. Public key management (distribution types, digital certification, PKI, CRL, OCSP). Pretty Good Privacy (PGP).
4. Integrity. Algorithms and techniques for integrity control. Digest functions (MD5, SHA). Authentication and non-repudiation algorithms and techniques: MAC (HMAC, CBC MAC), Digital Signatures. Citizen Card: digital signatures and certification hierarchies.
5. Auditing techniques. Sniffing: tcpdump, wireshark. Monitoring: SNMP, NetFlow. Scanning: NMAP, Open VAS, Nessus. Spoofing. Intrusion detection and prevention techniques: snort, tripwire.
6. VPNs and Firewalls. VPNs classification: remote-access, site-to-site. Types: SSH VPN (Open SSH), SSL/TLS VPN (OpenSSL, GnuTLS), IPSec VPN, PPTP VPN, L2TP VPN, Open VPN. Firewalls. Types: packet filtering, circuit-level gateway, application-level gateway (proxy firewall), stateful inspection, next-generation firewall (NGFW). Examples: IPtables, ACLs.
7. Software security techniques. Database security techniques. Security in commerce and electronic transactions. Operating systems security.
Curricular Unit Teachers
Internship(s)
NAO
Bibliography
Correia, M., & Sousa, P. (2017). Segurança no software (2nd ed.). FCA.
Granjal, J. (2013). Gestão de sistemas e redes em Linux (3rd ed.). FCA.
Granjal, J. (2017). Segurança prática em sistemas e redes com Linux (1st ed.). FCA.
Santos, O., & Stuppi, J. (2015). CCNA security 210–260 official cert guide (1st ed.). Cisco Press.
Stallings, W. (2016). Network security essentials: Applications and standards (6th ed.). Pearson.
Stallings, W. (2019). Cryptography and network security: Principles and practice (8th ed.). Pearson.
Zúquete, A. (2021). Segurança em redes informáticas (6th ed.). FCA.