SYSTEM SECURITY PROGRAMMING TECHNIQUES

Diplomatic, International and Global Security Studies SYSTEM SECURITY PROGRAMMING TECHNIQUES

1212500018
DEPARTMENT OF MANAGEMENT & INNOVATION SYSTEMS
EQF6
DIPLOMATIC, INTERNATIONAL AND GLOBAL SECURITY STUDIES
2022/2023

OBBLIGATORIO
YEAR OF COURSE 3
YEAR OF DIDACTIC SYSTEM 2019
AUTUMN SEMESTER
CFUHOURSACTIVITY
642LESSONS
ExamDate
GALDI C.16/12/2022 - 15:00
GALDI C.16/12/2022 - 15:00
GALDI C.09/01/2023 - 15:00
GALDI C.09/01/2023 - 15:00
GALDI C.25/01/2023 - 15:00
GALDI C.25/01/2023 - 15:00
GALDI C.17/02/2023 - 15:00
GALDI C.17/02/2023 - 15:00
GALDI C.13/04/2023 - 15:00
Objectives
THE COURSE AIMS AT PRESENTING THE BASIC PRINCIPLES OF SECURE PROGRAMMING.

IT WILL PROVIDE GUIDELINES AND BEST PRACTICE FOR DESIGN AND IMPLEMENTATION OF SECURE SYSTEMS. TO THIS AIM, IT WILL EXPLORE MAIN SOFTWARE VULNERABILITIES IN ORDER TO ALLOW STUDENTS TO UNDERSTAND THE CONDITIONS UNDER WHICH SUCH ATTACK VECTORS CAN BE IMPLEMENTED. IT WILL ALSO PROVIDE STRATEGIES TO MITIGATE KNOWN VULNERABILITIES.
Prerequisites
BASIC KNOWLEDGE OF COMPUTER ARCHITECTURE, OPERATING SYSTEMS AND COMPUTER NETWORKS. KNOWLEDGE OF PROGRAMMING TECHNIQUES.
Contents
THE COURSE WILL PROVIDE BASIC METHODOLOGIES FOR THE EVALUATION OF INFORMATION SYSTEM SECURITY.
SPECIFICALLY, THE COURSE WILL PROVIDE:
- AN INTRODUCTION TO THE TECHNIQUE FOR SYSTEMS' EVALUATION (8 HOURS)
- BASICS OF STATIC ANALYSIS (8 HOURS)
- DEFINITIONS OF SYSTEM VULNERABILITY AND INTRODUCTION TO DATABASES OF KNOWN VULNERABILITIES (4 HOURS)
- INTRUSION VECTORS AND TECHNIQUES. LOCAL AND REMOTE CODE INJECTION (10 HOURS)
- TECHNIQUES FOR VULNERABILITY MITIGATION (12 HOURS)
Teaching Methods
THE COURSE CONSISTS OF THEORETICAL LECTURES AND OF PRACTICAL SESSIONS IN LAB. DURING THE LATTER THE STUDENTS WILL BE REQUIRED TO SOLVE EXERCISES UNDER THE GUIDANCE OF THE INSTRUCTOR.
Verification of learning
THE EXAMS CONSISTS OF AN ORAL EXAMINATION THAT WILL EVALUATE THE LEVEL OF COMPREHENSION OF COURSES TOPICS AND THE ABILITY OF STUDENTS TO APPLY SUCH KNOWLEDGE TO REAL-LIFE CASES.
Texts
TEACHING MATERIAL PROVIDED BY THE INSTRUCTOR.
More Information
DAN BERGH JOHNSSON, DANIEL DEOGUN, DANIEL SAWANO
SECURE BY DESIGN
MANNING PUBLISHING, 2019, ISBN 9781617294358

MICHAEL HOWARD, DAVID LEBLANC
WRITING SECURE CODE: PRACTICAL STRATEGIES AND PROVEN TECHNIQUES FOR BUILDING SECURE APPLICATIONS IN A NETWORKED WORLD
MICROSOFT PRESS, 2002, ISBN: 0735617228

MICHAEL HOWARD, DAVID LEBLANC, JOHN VIEGA
24 DEADLY SINS OF SOFTWARE SECURITY: PROGRAMMING FLAWS AND HOW TO FIX THEM
MCGRAW HILL, 2009, ISBN: 0071626751
  BETA VERSION Data source ESSE3 [Ultima Sincronizzazione: 2022-11-30]
  • Diplomatic, International and Global Security Studies