Conteúdo / Main content

Início
Cursos
Engenharia Informática
Segurança de Sistemas Informáticos

Segurança de Sistemas Informáticos

Código	14465
Ano	1
Semestre	S2
Créditos ECTS	6
Carga Horária	PL(30H)/T(30H)
Área Científica	Informática
Learning outcomes	The objectives of this Course Unit are to consolidate the knowledge acquired in the course unit of computer security and to study advanced topics in implementation and engineering of secure software systems. It aims for the development of a critical conscience in the student regarding security problems in data communications and in the software during all of its development phases. At the end of the course unit, the student should be able to: properly implement and integrate modern cryptography mechanisms and protocols; correctly configure security mechanisms in operating systems; identify security issues in software and means to minimize them, particularly in Web applications; enforce security by design and practice the development of applications with fewer vulnerabilities, based on a more rigorous process of software engineering and on the design of penetration testing.
Syllabus	1. Remote and Local Authentication; Zero Knowledge Protocols. 2. Elliptic Curve Cryptography 3. Oblivious Transfer and Secure Multiparty Computation 4. Security in Operative Systems 5. Security in Web Applications 6. Vulnerabilities Associated with Programming 7. Input Validation and Dynamic Protection. 8. Software Auditing 9. Identification of Security Requirements, System and Attack Modeling
Teaching Methodologies and Assessment Criteria	The contents of this course unit are discussed in lectures (though interaction is fomented) and the practical part of those contents is explored in laboratory classes. Each type of class has two hours of weekly contact. The practical classes have lab guides that students perform in the computers of the laboratory. The labs include exercises concerning implementation and integration of cryptographic primitives, as well as security engineering.Moreover, the proposed practical works are designed so that the students develop the techniques described in the objectives of this course unit via the development of secure software systems. Evaluation is performed resorting to three main elements: - one written test for knowledge evaluation, worth 50% of the final grade (28/05/2025); - one practical test, worth 25% of the final grade (28/04/2025); - one practical team work with a presentation, worth 25% of the final grade (25/05/2025).
Main Bibliography	Pedro R. M. Inácio, Apontamentos teóricos e guias práticos laboratoriais de Segurança de Sistemas Informáticos, 2022; Miguel Pupo Correia and Paulo Jorge Costa, Segurança no Software, FCA - Editora de Informática, pp. 462, 2010. Mark Dowd, John McDonald, Justin Schuh, The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities, Addison-Wesley Professional, 1 edition, pp. 1200, 2006. Serge Vaudenay, A Classical Introduction to Cryptography Applications for Communications Security, Springer, pp. 370, 2005. Thomas Baigneres, Pascal Junod, Yi Lu, Jean Monnerat, Serge Vaudenay, A Classical Introduction to Cryptography Exercise Book, Springer, pp. 254, 2005. André Zúquete, Segurança em Redes Informáticas, FCA - Editora de Informática, 3ª Ed. (actualizada e aumentada), pp. 432, 2012. Margaret Cozzens, Steven J. Miller, The Mathematics of Encryption : An Elementary Introduction, American Mathematical Society (AMS), 2013. Alfred J. Men
Language	Portuguese. Tutorial support is available in English.

Regente


	Pedro R. M. Inácio

Curso

Engenharia Informática

As cookies utilizadas neste sítio web não recolhem informação pessoal que permitam a sua identificação. Ao continuar está a aceitar a política de cookies.