Gabriele D'Angelo graduated in Computer Science in 2001, and he obtained a PhD degree in Computer Science in 2005, both from the University of Bologna, Italy. He is an Assistant Professor at the Department of Computer Science and Engineering of the University of Bologna. His research interests include parallel and distributed simulation, distributed systems, online games and computer security. He is the author of several publications on these topics. Since 2011 he is in the editorial board of the Simulation Modelling Practice and Theory (SIMPAT) journal published by Elsevier. During the last few years he has worked on the design and implementation of the ARTÌS parallel and distributed simulation middleware. In the years he has taught many graduate and undergraduate courses on computer networks, simulation, computer and network security, algorithms and data structures.
It’s undeniable that mankind strive to build unbreakable systems, even if human history has demonstrated so far that this is nothing more than a myth. The real world is mainly made of fragile systems, so that reality is much different from the expectations.
The goal of this course is to provide a basic knowledge concerning the main concepts and principles of computer security (e.g. risk, tools for risk assessment and evaluation, attacks and their typical structure, resources, functional systems requirements, human component). In this way, the course will provide the basic tools for the design and implementation of reasonably secure systems. During this process, either methodological, technological and behavioral (i.e. operation security) aspects will be considered.
After the course, the students should be able to critically evaluate the security of a (computer) system considering both the system as a whole and its main separated components (e.g. authentication and authorization mechanisms and procedures). They will also be able to find the main vulnerabilities of such a system and to identify the more appropriate countermeasures to allow the mitigation of vulnerabilities and reduce the risk to an acceptable level.
The goals described above will be obtained not only by teaching some of the main theoretical aspects of computer security but also by describing and discussing many real world examples in detail.
The approach and the tools learned during this course are prerequisites for the following “Cryptographic Protocols” and “Computer, Network and Cloud Security” courses.