Understand the dynamic nature and duality of the notion of security of computer systems
Define appropriate policies for the protection of computer systems, considering, among other aspects, their concrete assets, actors and motivations and identified threats
Apply mechanisms and tools necessary to implement security policies defined to protect specific computer systems
Apply procedures, techniques and tools for recognizing the security posture of computer systems
Apply techniques and tools
Program
Introduction to the security of computing systems (e.g. properties, actors, motivations)
Digital asset protection principles (e.g. reference model, least privilege, multi-level security)
Threat modeling, risk mitigation and security policies
Identity, authentication and access control
Identity and credentials management
Vulnerabilities, exploits and malicious software in the operating system
Security and isolation in the operating system (files, communication, processes, containerization, virtualization, secure execution environments)
Monitoring, detection and prevention of intrusion into the operating system
Identification of vulnerabilities and penetration tests in computer systems
Bibliography
Stallings, W. and Brown, L. Computer Security: Principles and Practice (4th Edition), Pearson 2018;
Pfleeger, C., Pfleeger, S., and Coles-Kemp, L., Security in Computing (6th Edition), O’Reilly 2023.
Du, W., Computer Security: A Hands-on Approach (3rd Edition), CreateSpace, 2022;
Stallings, W. Cryptography and Network Security: Principles and Practice (8th Edition), Pearson 2022;
Gollmann, D., Computer Security (3rd Edition), Wiley 2011.