Παρουσίαση/Προβολή

The class is composed of theory & lab:

Theoretical Lectures

• Security Definitions
• Authentication, Authorization
• System Security, Data Privacy, Anonymity, Legal Framework, GDPR, HIPAA etc
• SW Vulnerabilities, Viruses, Side Channel Attacks & Energy Profiling
• Network Security, Worms, DDoS, Firewall, IPSec, OpenSSL/TLS, OpenVPN, syslog/IDPS
• History – Classical Cryptography - Mathematical Preliminaries
• Symmetric Cryptography, NIST-approved Operating Modes
• Public Key Cryptography (RSA, Diffie Hellmann) & Elliptic Cryptography
• Security Primitives, Protocols, and Services
• Digital Certificates & Signatures
• Message Authenticity - Merkle Trees
• Application Security – Web/Ηλεκτρονικό Ταχυδρομείο (HTTPS, SMTP)
• Special Topics: Embedded Security, Cybersecurity & Safety, e.g. Smart Vehicles, e-Health platforms, Programmable Crypto Engines – Crypto ICs – Software Libraries, Domain Isolation, ARM Trustzone, Applications (Secure Boot, File Systems, etc), Cloud/IoT Security (Auth protocol vs Kerberos), Blockchains, Steganography, Secret Sharing, Zero-Knowledge Proofs, Oblivious Transfers, Commit Protocols, Homomorphic Security, Quantum Cryptography, ...

Lab

The student lab focuses on open source hardware/software and Linux system security. Students gain experience in cryptographic mechanisms (AES encryption/decryption, integrity), authentication (SHA3, one-way hash functions), domain isolation, data privacy and anonymity by applying well-established security patterns for device, system/network, and application security. The lab also examines practical use of software tools, cryptographic security libraries, programmable crypto engines, and crypto ICs in experimental platforms and real embedded systems, such as healthcare and automotive.

Objectives

The knowledge which students acquire upon successful completion of the course relates to understanding the design of multilayer protection mechanisms for computing systems, with an emphasis on embedded systems security. Security primuitives are examined in detail, including lightweight cryptographic software libraries and hardware security devices (programmable crypto engines, crypto ICs). In addition, security patterns/protocols for efficient access control, data privacy, anonymity, confidentiality, integrity, and availability are examined. Case studies range from device security (cryptos), to memory protection/isolation (ARM Trustzone), to operating system kernel and file system support, to application and system/network security, including high-level security event tracing, correlation, and visualization.

 The skills, which students develop upon successful course completion, relate to: 

• Understanding the design and use of public key and symmetric cryptography (lightweight
• Understanding the design and use of digital certificates and signatures
• Designing and implementing protocols and techniques for security and data privacy at device, system/network, and application level

C) The abilities, which students develop upon successful course completion, enable problem-solving abilities that relate to

• Integrating security/trust in system/platform design and implementation
• Implementing secure embedded systems using lightweight security primitives/protocols
• Validating security functions and evaluating overheads of at device-, system-, and network-level

Recommended Bibliography:

• C. Pfleeger, S. L. Pfleeger, J. Margulies, “Security in Computing”, 5th edition, 2018. Prentice Hall, 2018.
• Basin, P. Schaller, M. Schlaepfer, “A Hands-on Approach”, Springer, 2011.

Other Important Sources

• Eclass - http://eclass.hmu.gr (notes, examples, open source coce)
• Development boards, pirate devices, virtual machines accompanied with open source software and manuals for examining attack and devising protection mechanisms

Relevant Scientific Journals & Conferences

• ACM Transactions on Privacy and Security
• IEEE Transactions on Dependable and Secure Computing
• IEEE Security & Privacy
• IEEE Transactions on Information Forensics & Security
• IEEE Transactions on Intelligent Transportation Systems
• IEEE Transactions on Vehicular Technology
• USENIX Security Symposium
• IEEE Symposium on Security and Privacy
• DEFCON and BLACKHAT conferences
• Embedded Security-related conferences, e.g. Embedded Security in Cars (ESCAR), Linux Security Summit, Automotive Linux Summit, Automotive Manufacturing Summit, Automotive World

Grading

All announcements related to the syllabus, including grading, and complementary reading material are posted in the course web page (ECLASS). The course grade incorporates the following evaluation procedures:

1. Final oral exam on theoretical/practical problems (50%)
2. Programming exercises (50%)

Students with extensive programming experience (including Erasmus students) can opt to replace the final oral exam & exercises with a dedicated, extensive programming project that counts up to 100% of the grade. This project usually relates to secure systems/networks, related Linux drivers & kernel modules, RTOS security, real-time systems, small software stacks, IoT and cyberphysical system security.  In this case, students provide a presentation and demonstration in a small seminar held at the end of their project.