Giuseppe PERSIANO | SECURE PROGRAMMING AND SECURE APPLICATIONS

cod. 0222600007

SECURE PROGRAMMING AND SECURE APPLICATIONS

	0222600007
	DIPARTIMENTO DI SCIENZE AZIENDALI - MANAGEMENT & INNOVATION SYSTEMS
	EQF7
	BUSINESS INNOVATION AND INFORMATICS - BUSINESS, INNOVAZIONE ED INFORMATICA
	2018/2019

CURRICULUM SECURITY AND AWARENESS Cohort 2017/2018

	OBBLIGATORIO
	YEAR OF COURSE 2
	YEAR OF DIDACTIC SYSTEM 2016
	PRIMO SEMESTRE

TEACHING UNITS

	SSD	CFU	HOURS	ACTIVITY	TYPE OF ACTIVITY
	INF/01	10	60	LESSONS	COMPULSORY SUBJECTS, CHARACTERISTIC OF THE CLASS

	Objectives
	THE COURSE AIMS TO PROVIDE STUDENTS WITH AN ENDOWMENT OF KNOWLEDGE RELATED TO THE MOST WIDELY USED SECURITY LIBRARY AND HOW TO USE THEM TO BUILD SECURE APPLICATIONS. IN ADDITION THE COURSE WILL DISCUSS THE ELEMENTS OF LANGUAGE-BASED SECURITY USED TO CONSTRUCT SAFE SOFTWARE. THE STUDENT, AT THE END OF THE COURSE, WILL HAVE ACQUIRED PRACTICAL SKILLS RELATED TO THE DESIGN OF SECURE APPLICATIONS AND THEIR IMPLEMENTATION IN MAJOR PROGRAMMING LANGUAGES (C++ OR JAVA). THE COURSE WILL ALSO THOROUGHLY DISCUSS THE PUBLIC-KEY INFRASTRUCTURE MODEL THAT IS AT THE BASE OF THE TLS PROTOCOL. THE STUDENT WILL BE ENCOURAGED TO CLEARLY PRESENT DESIGN OF THE APPLICATIONS AND TO DISCUSS WHICH LIBRARY IS BETTER SUITED AND WHY IT REPRESENTS A SATISFACTORY SECURE SOLUTION FOR THE PROBLEM AT HAND. AT THE END OF THE COURSE THE STUDENTS WILL BE ABLE TO JUDGE THE BEST SOFTWARE DESIGN FOR THE SECURE APPLICATIONS AND WHETHER THE PUBLIC-KEY INFRASTRUCTURE MODEL IS ADEQUATE FOR SOLVING THE PROBLEM AT HAND.

THE COURSE AIMS TO PROVIDE STUDENTS WITH AN ENDOWMENT OF KNOWLEDGE RELATED TO THE MOST WIDELY USED SECURITY LIBRARY AND HOW TO USE THEM TO BUILD SECURE APPLICATIONS. IN ADDITION THE COURSE WILL DISCUSS THE ELEMENTS OF LANGUAGE-BASED SECURITY USED TO CONSTRUCT SAFE SOFTWARE.

THE STUDENT, AT THE END OF THE COURSE, WILL HAVE ACQUIRED PRACTICAL SKILLS RELATED TO THE DESIGN OF SECURE APPLICATIONS AND THEIR IMPLEMENTATION IN MAJOR PROGRAMMING LANGUAGES (C++ OR JAVA). THE COURSE WILL ALSO THOROUGHLY DISCUSS THE PUBLIC-KEY INFRASTRUCTURE MODEL THAT IS AT THE BASE OF THE TLS PROTOCOL.

THE STUDENT WILL BE ENCOURAGED TO CLEARLY PRESENT DESIGN OF THE APPLICATIONS AND TO DISCUSS WHICH LIBRARY IS BETTER SUITED AND WHY IT REPRESENTS A SATISFACTORY SECURE SOLUTION FOR THE PROBLEM AT HAND.

AT THE END OF THE COURSE THE STUDENTS WILL BE ABLE TO JUDGE THE BEST SOFTWARE DESIGN FOR THE SECURE APPLICATIONS AND WHETHER THE PUBLIC-KEY INFRASTRUCTURE MODEL IS ADEQUATE FOR SOLVING THE PROBLEM AT HAND.

	Prerequisites
	Knowledge of C and of an object-oriented language

	Contents
	COURSE PROGRAM: THE COURSE IS DIVIDED INTO TWO PARTS: PRIMITIVES AND PROTOCOLS AND FOR EACH PART IT WILL DISCUSS THE MAIN INDUSTRIAL STANDARDS AND HOW THEY ARE IMPLEMENTED IN THE MOST WIDELY-USED LIBRARIES PRIMITIVES PUBLIC-KEY ENCRYPTION (RSA, RSA-OAEP) DIGITAL SIGNATURES (DSA) PROTOCOLS IDENTIFICATION (THE TLS HANDSHAKE AND X509 CERTIFICATES) KEY EXCHANGE (DIFFIE-HELLMAN)

	Teaching Methods
	LECTURES AND SUPERVISED LAB (60 hours and 10 ECTS)

	Verification of learning
	PRESENTATION AND IMPLEMENTATION OF A PROJECT

	Texts
	KATZ-LINDELL -- INTRODUCTION TO CRYPTOGRAPHY

BETA VERSION Data source ESSE3 [Ultima Sincronizzazione: 2019-10-21]

Giuseppe PERSIANO | SECURE PROGRAMMING AND SECURE APPLICATIONS

SECURE PROGRAMMING AND SECURE APPLICATIONS

CURRICULUM SECURITY AND AWARENESS Cohort 2017/2018

TEACHING UNITS

PROFESSORS

SHEET

-

Giuseppe PERSIANO | SECURE PROGRAMMING AND SECURE APPLICATIONS