Introdução à Segurança Informática (Introduction to Computer Security)
This course addresses the problem of security in open computational systems, including computers and communication networks, i.e., under a distributed systems perspective. No pre-requisites are demanded on security subjects, but it is expected that students have at least introductory notions of: computational systems and computer networks; operating systems and distributed systems. The valences acquired with the course consist of the knowledge of the foundations, main paradigms and models of security in computer systems and networks from a broad perspective. Students will also be able to understand the main strategies and decisions behind the design of secure computer systems, and will be exposed to the most relevant examples of current systems and technologies. Students will be able to extend this knowledge with subsequent post-graduate studies, or to directly apply it in their professional life, with an advantage in relation to researchers or professionals with a shallow or casual training in security. Throughout the course, students are intended to deal with fundamental security paradigms, like cryptography and access control, or with models for system security such as firewalls, authentication and authorization, key distribution centers, electronic transactions and payment. They will understand the fundamental causes of insecurity— vulnerabilities, originating from design and configuration or operation mistakes; and attacks caused by hackers, leading to intrusions— and the several design strategies and tradeoffs to cope with the former. Students will be exposed at introductory level to concrete technologies like: DES, AES, IDEA, RSA, MD5, SHA, DigiCash, SSL, SSH, Kerberos, PGP, IPTables, Snort. A paper case study will consolidate the course subjects around the design of a secure enterprise system.
Sistemas de Software Seguros (Secure Software Systems)
Secure Software Systems is a graduate-level course in software security. The objective of the course is to give the students the mental tools necessary to understand the problem of the security of the computer and its software, vis-à-vis the security of the communication or distributed system. The course gives an insight into the security problems in modern software systems, and presents paradigms, models and tools to tackle these problems. Pre-requisites are Introduction to Computer Security, and it is expected that students have at least introductory notions of: computational systems and computer networks; operating systems and distributed systems programming. The first part of the course is an overview of software security, presenting also the basic protection mechanisms (memory protection, access control). In the second part the course presents the main classes of vulnerabilities and how they might be prevented directly: buffer overflows, race conditions, randomness and determinism problems, input validation and the web, passwords and secret data, database security, client-side security. The third part is about techniques and tools to improve the security of software: static analysis, fault/attack injection, assurance/certification, and trusted computing.
Tolerância a Faltas Distribuída (Distributed Fault Tolerance)
The increasing usage of distributed systems in a number of applications raises two problems: i) the increasing number of components of the system raise concerns about their reliability; ii) the geographical distribution raises interesting possibilities of multi-host replication. The course introduces the concept of distributed fault tolerance, which makes use of several interconnected hosts to replicate software components in a less expensive and more flexible way than with dedicated hardware. The course addresses concepts, methodologies and mechanisms to build reliable networked systems.
Tolerância a Intrusões (Intrusion Tolerance)
This advanced course addresses the problem of security of computer and communication networks under the tolerance paradigm, or how to prevent security failures under the allowed presence of malicious faults (vulnerabilities, attacks and intrusions). Pre-requisites are Introduction to Computer Security, and it is expected that students have at least introductory notions of: computational systems and computer networks; operating systems and distributed systems. The valences acquired with the course consist of a body of knowledge complementary to the standard prevention approach, which traditionally requires difficult to attain levels of system robustness and intensive and costly human intervention. Figuratively, intrusion tolerance is the road to automatic security, pretty much along the philosophy of classic fault tolerance for accidental faults. Students will be able to master the fundamental concepts, paradigms and mechanisms of intrusion tolerance. They will be exposed to the most relevant examples of such mechanisms, and they will learn to look at several legacy systems and technologies under the intrusion tolerance perspective. Students will also be able to incorporate these notions with classical security notions in a complete design of secure computer systems. Students acquiring the subjects of this course are likely to get a competitive edge in relation to researchers or professionals with a classical training in security, as intrusion tolerance is becoming a mainstream technique in computer systems security. Throughout the course, students are intended to review the fundamental security and dependability concepts and put them in perspective with intrusion tolerance. Classes of fault models adequate to the malicious area— expressing vulnerabilities, attacks and intrusions— will be presented and methods for obtaining security in the light of each class— mechanisms, paradigms, algorithms— will be discussed. Students will study solutions to known hard problems under intrusion tolerance, such as intrusion detection and automated recovery, or denial of service.
Segurança Aplicada (Special Topics in Applied Security)
This course provides an in-depth study of several topics related to the development and deployment of secure distributed systems. Today, in a global market, organizations and individuals need to be interconnected among them and through the Internet, in order to provide information and services to users, create relations between partners and do business. In this open environment, several kinds of threads exist, perpetrated by a range of individuals. This course will focus on state-of-the-art technologies and solutions for building systems and conducting secure operations in this potentially adverse environment. Pre-requisites are Introduction to Computer Security, and it is expected that students have at least introductory notions of: computational systems and computer networks; operating systems and distributed systems. The course achieves a balanced coverage of: in-depth study of some cryptographic algorithms and mechanisms previously addressed at introductory level; and insight into the implementation of secure distributed systems. The cryptography part addresses basic theory of hash and encryption, studies some popular algorithms, and discusses limitations of these techniques. The system and network security part deals with distributed authentication and key distribution, including a detailed analysis of public key infrastructures, and secure communication on the Internet. In addition, crucial applications such as secure email and electronic payment are also covered. The lecture concepts are complemented through two medium sized hands-on projects. The first one comprises the implementation, optimization and experimental evaluation of a well-known cryptographic algorithm. The second project is about the design and implementation of a secure (real or simulated) distributed application. These projects introduce students to the practical difficulties and trade-offs of developing cryptographic and security techniques and their use to protect a system.
Programação em Sistemas Distribuídos (Distributed Systems Programming)
The objective of this course is to provide a global perspective of the several architectures and models for the construction of and programming in distributed systems. The course is a capstone course for the initial training in systems (OS, networks, Distributed Systems), where the student desirably acquires a holistic view on the design of distributed systems, which will allow her/him to solve concrete problems by the selective application of the notions previously learned. The competences acquired with the course consist of: the consolidation of the knowledge of foundations, main paradigms and services of distributed systems; the capacity of deciding the applicability of the available architectures and models to diverse situations; the mastering of the several distributed systems programming techniques. This course assumes that students are familiar with fundamental concepts of distributed systems.
Ciber crime e análise forense (Cyber crime and digital forensics)
This course provides an in-depth study of several topics related to information security and its articulation with legal aspects and digital forensics.
The course will target legislative interpretation of criminal acts, due response to incidents and evidence admissibility, along with organizational compliance procedures.
The main goal will be to deliver practical approaches and knowledge to computer engineers for dealing with key legal aspects in preventive and reactive actions, trying to increase awareness on conceptual modifications about log’s and electronic communications data traffic.
Análise e Gestão de Risco em Segurança Informática (Security Risk Analysis and Management)
This course will enable the student to effectively perform information security risk analysis and management and support organizational decision making in the context of information security investments. The course introduces a cost-benefit analysis of security assets decisions and financial models that allow evaluating information security investments: Return On Investment – ROI, Net Present Value – NPV, Internal Rate of Return – IRR. A brief introduction to security assessment will also be given. In addition, the course will approach data analysis and knowledge extraction in the context of information security.
Case studies will be discussed. The course will include exposure or introduction to existing computational tools for the several activities approached (data analysis, risk analysis and management, and risk assessment).
Sistemas Ciberfísicos (Cyber-Physical Systems)
In this course, students will be introduced to the concepts of Cyber-Physical Systems (CPS). Upon conclusion students will be aware of the state-of-the-art in the field and of the problems related to the design and implementation of CPS, as well as of common and innovative applications of CPS. The main aspects of the design and implementation will be approached both theoretically and in practice: modelling physical systems and interacting with them; real-time requirements, models and operating system's; communication approaches and standards; and data fusion and data dependability.
Software Fiável (Software Reliability)
This course aims to introduce the key formal methods that are currently used in the process of software development that support the verification of code or of the intermediary models. More traditional techniques s.a. testing will be also presented and the limitations and capabilities of the different methods will be analysed and compared. Furthermore, the students should develop hands-on skills with tools such as JML, ESC/Java2, and SPIN.
Procedimentos de Segurança e Manuseamento de Informação Classificada (Security procedures and handling of classified information)
This course aims to give the students skills that allow them to manage communication and information systems, taking into account skills needed to make decisions, or delegation responsibilities’. In this context, they are also taught concepts that allow them to develop skills that enable the management activity in operations centers, in coordination with other centers of decision. Are well developed ability to enable collaboration in activities of project management, planning of information systems and information analysis.
Configuração e Gestão de Sistemas (Systems Configuration and Management)
The objective of the course is to complement the concepts obtained in systems’ courses with a systemic view of the configuration of computer systems, distributed systems and computer networks, and their management and exploitation. The idea is to consolidate a set of notions in the areas of systems and network administration, giving them a broad coverage of truly strategic systems management.
Direito da Cibersegurança (Cybersecurity Law)
Understanding the key issues related to the cybersecurity, and how they arise today. Providing depth and monographic approaches to this theme of scientific forefront, encouraging skills of research, analysis, criticism and debate, in order to enable participants to become protagonists of theoretical progress in this area of expertise.