Computer Systems Protection and Security

Introduction to security: basic terms and definitions, common threats, considerations for networked environments. Approaches to security provision: protection mechanisms, authentication, authorization, access control, assurance techniques. Security in programming: common programming errors and secure practices. Protection of computer resources in networked environments: architectural design, firewalls, wrappers, and similar techniques. Introduction to cryptography and key management: cryptography, symmetric and asymmetric algorithms, public key authentication and management, digital signatures, references to cryptanalysis techniques. User security in the Internet: threats from active content and protection methods, security framework for Javascript and Java. Database security: general principles, physical security, logical integrity, authentication, discretionary and mandatory access control, sensitive data management, inference control. Viruses: definition, virus types, infection methods, techniques, software and methods for dealing with viruses. Intrusion detection systems: purpose, general model, architectures, data sources, inference procedures, reactions. Vulnerability detection: definitions and purpose, detection methods, examples.