SYSTEM SECURITY

Academic year
2024/2025 Syllabus of previous years
Official course title
SYSTEM SECURITY
Course code
CM0631 (AF:513750 AR:286778)
Modality
Blended (on campus and online classes)
ECTS credits
6 out of 12 of SYSTEM AND SOFTWARE SECURITY
Degree level
Master's Degree Programme (DM270)
Educational sector code
INF/01
Period
1st Semester
Course year
1
Where
VENEZIA
Moodle
Go to Moodle page
This course aims at introducing basic concepts and techniques for the development of secure systems, providing the necessary skills and concepts for evaluating and increasing the security of applications and systems. In the first part of the course, we will cover security principles and technologies, software and system security, and security management issues.
- knowledge of basic concepts and techniques for the development of secure systems;
- knowledge of attack and defence techniques related to programs and systems;
- development of skills for the application of concepts to the analysis of real systems;
- development of skills for the management of security.
It is required basic knowledge of mathematics, programming (good level of C and basic notions of scripting and PHP), computer architectures, operating systems and computer networks.
1. User authentication
2. Access control
3. Malicious software
4. Database security
5. Denial of service
6. Intrusion detection
7. Software security
8. Operating system security
9. Trusted computing
10. Security API
11. Formal methods for security
12. Side-channels
William Stallings, Lawrie Brown. Computer Security Principles and Practice (Fourth Edition). Pearson Education 2018.
The exam consists of a written test that aims at verifying the knowledge of the different topics of the course. Assignments are not mandatory and aim at putting into practice the knowledge acquired and at verifying the competence in attacking and securing IT systems. Assignments consist of a problem (challenge) to solve, giving an extra score with respect to the the mark of the written test.

Grading criteria for the written test:

A. Scores in the range of 18-22 will be awarded when there is:
- Sufficient knowledge of the course subjects;
- Limited skills in performing practical exercises related to the course labs;
- Sufficient communication skills, particularly in the use of specific terminology related to system security.
B. Scores in the range of 23-26 will be awarded when there is:
- Reasonable knowledge of the course subjects;
- Reasonable skills in performing practical exercises related to the course labs;
- Fair communication skills, particularly in the use of specific terminology related to system security.
C. Scores in the range of 27-30 will be awarded when there is:
- Good to excellent knowledge of the course subjects;
- Good to excellent skills in performing practical exercises related to the course labs;
- Fully appropriate communication skills, particularly in the use of specific terminology related to system security.
D. Honors will be awarded for excellent knowledge, skills, and communication abilities.

Criteria for Awarding Challenge Bonuses:
A. Score from 0.1 to 0.3
- Sufficient skills in performing the exercise;
- Adequate communication skills in writing a report that describes the proposed solution.
B. Score from 0.4 to 0.5
- Good skills in performing the exercise;
- Good communication skills in writing a report that describes the proposed solution.
C. Score from 0.6 to 0.7
- Excellent skills in performing the exercise;
- Excellent communication skills in writing a report that describes the proposed solution.
Theoretical and practical lectures in class;
Online resources (lecture notes, slides, videos);
Chat and forum;
Challenges on various topics that give extra score.
English
written
Definitive programme.
Last update of the programme: 11/10/2024