Ogni modulo equivale a 3 crediti ECTS. È possibile scegliere un totale di 10 moduli/30 ECTS nelle seguenti categorie:
- 12-15 crediti ECTS in moduli tecnico-scientifici (TSM)
I moduli TSM trasmettono competenze tecniche specifiche del profilo e si integrano ai moduli di approfondimento decentralizzati. - 9-12 crediti ECTS in basi teoriche ampliate (FTP)
I moduli FTP trattano principalmente basi teoriche come la matematica, la fisica, la teoria dell’informazione, la chimica ecc. I moduli ampliano la competenza scientifica dello studente e contribuiscono a creare un importante sinergia tra i concetti astratti e l’applicazione fondamentale per l’innovazione - 6-9 crediti ECTS in moduli di contesto (CM)
I moduli CM trasmettono competenze supplementari in settori quali gestione delle tecnologie, economia aziendale, comunicazione, gestione dei progetti, diritto dei brevetti, diritto contrattuale ecc.
La descrizione del modulo (scarica il pdf)riporta le informazioni linguistiche per ogni modulo, suddivise nelle seguenti categorie:
- Insegnamento
- Documentazione
- Esame
The course will
first give the necessary background knowledge in the field of
cybersecurity such as CIA and availability as well as data security. Thereby,
the module will define a threat and risk assessment accompanied with main
security standards and General Data Protection Regulation (GDPR).
Based on that, it will go in
deep to permit the student to have a complete overview how identify and list threats
and risks. Then, the student will be able to propose and implement a list of
mitigation mechanisms. This will be applied in three security fields: software
development, software security and web security based on tools.
The course
covers the following core topics:
- Reminder of basic knowledge about security
- Security development
- Software security
- Web security
Requisiti
- Cryptography basics
- Knowledge of at least one programming language, such as C, Python, Java
Obiettivi di apprendimento
- Understand and choose the appropriate cryptographic primitive(s)
- Identify and list the threats and risks of a system and propose different kind of mitigation mechanisms
- Understand, apply and use processes and tools towards secure development
- Understand, identify vulnerabilities in software and web applications then propose mitigations
Categoria modulo
Basics (25%):
- Confidentiality, integrity, availability, authenticity, authorization, accounting
- Threat model, malwares, etc.
- Data Protection and GDPR
- Risk and threat analysis and standards
Secure development (25%):
- SDLC: fundamentals of DevOps and how DevOps teams can build and deliver secure software
- Secure DevOps: How to build security into Continuous Delivery and Continuous Deployment
- The tools, patterns, and techniques of security automation in DevOps
Software security (25%):
- Software vulnerability identification (SANS Top 25)
- Software exploitation techniques and tools
- Software protections and mitigations
Web application security (25%):
- Web vulnerabilities (OWASP top 10)
- Web exploitation techniques and tools
- Web protections and mitigations
Metodologie di insegnamento e apprendimento
This
course involves theoretical presentations and hands-on exercises.
Bibliografia
Lecture slides, references to internet resources and books are
mentioned during the module introduction.
Scarica il descrittivo completo del modulo
Indietro