This course aims at illustrating the main security methodologies, techniques and tools to design a secure infrastructure. In particular, the following topics will be covered:
Security basic concepts and requirements; authentication, authorization and auditing (AAA); design principles of a secure infrastructure; security policies and mechanisms;
Access control models, ACL, MAC, DAC, RBAC (Role Based Access Control), XACML standard, JAAS architecture.
Cryptographic algorithms and Digital Signature; symmetric and asymmetric cryptosystems; DES; RSA; Public Key Infrastructures (PKI); Digital Signature; x.509 standard for digital certificates.
Network security: overview on network security threats; Firewalls and IDS: models and architectures; security protocols: PGP, SSL/TLS; VPN.
Authentication Protocols in distributed systems; Identity ed Access Management architectures;
Putting all togheter: Web security; design principles of complex security infrastructures; access control systems; back up, disaster recovery and business continuity policies.
Security Evaluation Criteria: Orange Book, TCsec, Itsec, BS 7799.
1. Course Introduction: Security basic concepts
2. Access Control models: Authentication and authorization mechanisms
6. Role Based Access Control standard (v3)
7. XACML: extensible Access Control Markup Language
8. Authentication Protocols in distributed system
10. Java Authentication and Authorization Service (JAAS)
11. Network security
12. Network security, security protocols: PGP, SSL
Valentina Casola is currently an Assistant Professor at the Department of Computer Science and Systems of the University of Napoli Federico II, Faculty of Engineering.
She has been teaching computer programming, computer architectures and computer security at the Faculty of Engineering of the University of Napoli, since 2005.
Her research activities are both theoretical and experimental and are focused on the following areas:
- Security evaluation methodologies based on models and metrics to evaluate security in distributed systems;
- Security methodologies to design distributed and secure infrastructures (security and performance tradeoff);
- Design of infrastructures for the cooperation and integration of distributed and heterogeneous systems (Web Services, Wireless Sensor Networks, Grid, Cloud).
This research work is led in cooperation with other academic institutions and national enterprises within national and international research projects.
Valentina Casola has published a number of journal and conference papers in these and related areas. She is member of Program Committees of international conferences and she serves as reviewer for journals and conferences.