2023

Security

Name: Security
Code: INF13210L
3 ECTS
Duration: 15 weeks/78 hours
Scientific Area: Informatics

Teaching languages: Portuguese
Languages of tutoring support: Portuguese, English
Attendance regime: In person

Sustainable Development Goals

Learning Goals

After concluding this curricular unit, the student should be able to demonstrate the capacity to:
* Identify the main causes of security flaws in computer systems;
* Identify and apply preventive and corrective solutions for the main threats;
* Identify the main documentation sources for knowledge update;
* Search, understand, and adapt to new systems;
* Contribute to security and policy plans in low complexity systems;

Contents

- Introduction to security
-- Fundamental concepts
-- Threats, attacks and assets
-- Functional requirements
-- Design Principles
-- Security strategies

- Cryptography
-- Symmetric and asymmetric cryptography
-- Message authentication
-- Hash functions
-- Public key encryption
-- Digital signatures and key management

- Authentication
-- Electronic authentication principles
-- Authentication types

- Access control
-- Fundamental principles
-- Roles and attributes
-- Identity, credentials and access management
-- Trust frameworks

- Software Security
-- Security Problems
-- Manipulation of input and output data
-- Secure software
-- Interaction with the OS and other programs

- Attacks and threats
-- Common attacks and threats

- Intrusions
-- Intrusion detection
-- Firewalls and prevention systems

- Security management
-- Organization context and security policies
-- Security risk analysis
-- Security plans
-- Infrastructure security and human resources

Teaching Methods

The teaching methodology involves:
- Make all resources available through a teaching platform (e.g., Moodle);
- Provide all relevant resources before each in-person session;
- Present examples, demonstrations and solutions to problems for each presented case scenario;
- Presentation and submission of exercises via the digital teaching platform;
- Concepts are presented considering the projects to be implemented;
- Session with a guest speaker from the business world about one of the lectured topics, demonstrating the applications and concepts in practical cases;

Assessment

Evaluation:

- Continuous or final form:
- In continuous form, a written test (30%), a practical project (35%) and a theoretical article or paper (35%);
- In the final form, a written exam (40%) and a theoretical-practical project, including a written article (60%);
- In both forms, the discussion and defense of the presented works are included.

Teaching Staff