Studying at the University of Verona

Here you can find information on the organisational aspects of the Programme, lecture timetables, learning activities and useful contact details for your time at the University, from enrolment to graduation.

Study Plan

A.A. 2024/2025 A.A. 2023/2024 A.A. 2022/2023 A.A. 2021/2022 A.A. 2020/2021 A.A. 2019/2020 A.A. 2018/2019 A.A. 2017/2018 A.A. 2016/2017 A.A. 2015/2016 A.A. 2014/2015 A.A. 2013/2014 A.A. 2012/2013 A.A. 2011/2012 A.A. 2010/2011 A.A. 2009/2010

This information is intended exclusively for students already enrolled in this course.
If you are a new student interested in enrolling, you can find information about the course of study on the course page:

Laurea magistrale in Ingegneria e scienze informatiche - Enrollment from 2025/2026

The Study Plan includes all modules, teaching and learning activities that each student will need to undertake during their time at the University.
Please select your Study Plan based on your enrollment year.

CURRICULUM TIPO:

1° Year 

ModulesCreditsTAFSSD
12
B
ING-INF/05
6
B
ING-INF/05
12
B
INF/01
6
B
ING-INF/05
12
B
ING-INF/05
6
B
ING-INF/05

2° Year   activated in the A.Y. 2012/2013

ModulesCreditsTAFSSD
6
B
ING-INF/05
6
B
INF/01
Tre insegnamenti a scelta tra i seguenti
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
SECS-P/10
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
FIS/01
Altre attivita' formative
4
F
-
24
E
-
ModulesCreditsTAFSSD
12
B
ING-INF/05
6
B
ING-INF/05
12
B
INF/01
6
B
ING-INF/05
12
B
ING-INF/05
6
B
ING-INF/05
Modules Credits TAF SSD
Between the years: 1°- 2°
8
D
-

Legend | Type of training activity (TTA)

TAF (Type of Educational Activity) All courses and activities are classified into different types of educational activities, indicated by a letter.

A Basic activities
B Characterizing activities
C Related or complementary activities
D Activities to be chosen by the student
E Final examination
F Other training activities
S Placements in companies, public or private institutions and professional associations

Systems security  (2011/2012)

Teaching code

4S02799

Teacher

Isabella Mastroeni

Coordinator

Isabella Mastroeni

Credits

6

Language

Italian

Scientific Disciplinary Sector (SSD)

ING-INF/05 - INFORMATION PROCESSING SYSTEMS

Period

II semestre dal Mar 1, 2012 al Jun 15, 2012.

Seminars 0

Learning outcomes

The system security course aims to provide the fundamental knowledge necessary for specifying and analyzing security policies designed depending on the features of the system to protect, and on the information to protect.
In particular, the course proposes an initial overview of the basic concepts, and then focalizes on the security of operating systems, with particular attention to authentication and authorization, on software security, on software vulnerabilities in presence of malware, and on security databases.
Finally will be treated security management and legal aspects of computer security.

Program

Il corso svilupperà i seguenti argomenti:
1) Introduction:
- Notion of security and tasks of security (confidentiality, integrity and availability)
- Risk and assets analysis
- Vulnerabilities (hardware, software, data and comunication)
- Defenses
- Principles of information security
2) Classical Models
- Policies and models
- Policies: confidentiality vs integrity
- Access control (Autentication vs Autorization)
- DAC models (Harrison-Ruzzo-Ullmann, Graham-Denning, take-grant)
- Multilevel security (MAC)
- Classical models (Bell-LaPadula, Biba, Clark-Wilson, Chinese Wall)
- RBAC
- Non interference
3) Standard Meccanisms
- Autentication
- Autentication vs Identification
- Autentication (password-based, token-based, biometric)
- Attacks and protection
- Meccanisms for access control
- Intrusion detection systems
- Execution monitors
4) Data base security
- Relational data base security
- Access control and SQL
- Statistical data base security (Aggregation, inference and kind of attacks)
- Multilevel data base security
- Security and Data mining
5) Software
- SW Vulnerabilities
- Input management: errors vs attacks
- Store management: Buffer overflow
- Other kind of SW attacks
- Malware
- Kinds of malware
- Virus (Definitions, propagation methods, defence methods)
- Worm
- Backdoor (trapdoor), Troian horses and other malware kinds
- Models
- Defenses
6) Legal aspects of security
- Privacy and computer science
- Crimes and intellectual property
- Ethical aspects
7) Security management
- Physical manaces to security
- Pianification and human issue
- Economical aspects of security

Examination Methods

L'esame sarà strutturato in due parti:
- Uno scritto nel quale mediante domande e semplici esercizi si valuterà la preparazione dello studente sull'intero programma del corso.
- Un progetto/approfondimento fatto da gruppi di massimo due persone il cui argomento può essere anche proposto al docente da parte del gruppo stesso. Tale progetto sarà presentato sottoforma di una relazione scritta e di una presentazione orale.
Il risultato dell'esame sarà poi ottenuto dando una valutazione in 30esimi (rapportato poi a 24 + 2 punti per la presentazione) al progetto e una valutazione allo scritto in termini di bonus (valutazione insufficiente=ripetere lo scritto, scritto sufficiente=da 1 a 4 punti da sommare alla valutazione del progetto in funzione della qualità dello scritto)

Students with disabilities or specific learning disorders (SLD), who intend to request the adaptation of the exam, must follow the instructions given HERE