Information and Software Security
Scientific Areas
Classification | Scientific Area
OFFICIAL | Informatics
Occurrence: 2021/2022 - 1S
Study Cycles/Courses
Acronym | No. of Students | Study Plan | Curricular Years | UCN Credits | ECTS Credits | Contact Hours | Total Hours
MES | 21 | Study Plan 2017-2018 | 1 | - | 7,5 | - | 202,5
Teaching - Responsibilities
Working language
Portuguese
Objectives
At the end of this curricular unit the student should be able to:
Understand the main paradigms and models of computer and information systems security.
Understand how cryptographic algorithms and protocols work.
Understand basic protection mechanisms.
Recognize vulnerabilities of organizational information systems and software.
Apply techniques and algorithms, and use tools, to prevent and defend against attacks, enhancing information systems and software security.
Learning outcomes and competences
The syllabus follows the course objectives for the knowledge to be acquired, focusing on teaching the essential theoretical concepts of computer, information and software security and applying them to case studies.
The syllabus seeks to introduce, in a logical and incremental way, the key elements that address the new paradigms and demonstrate their importance, so that the complexity of the computer and software security study increases gradually.
Mode of work
In person
Prerequisites (prior knowledge) and co-requisites (concurrent knowledge)
Bachelor's degree in Computer Engineering or similar.
Syllabus
The syllabus is divided into ten topics, which are not evenly distributed over time:
1. Introduction: information system security misconceptions.
2. Ethics and legislation.
3. Human, social and cultural facts that influence information and software security.
4. Information security and system protection overview.
5. Cryptography: history, algorithms and applications.
6. Information system security basic concepts.
7. Malicious programs and intrusions.
8. Basic security infrastructures.
9. Vulnerability study of information systems.
10. Software Audit.
11. Techniques and tools used in information security.
Mandatory Bibliography
Miguel Pupo Correia and Paulo Jorge Sousa; Segurança no Software, FCA, 2017. ISBN: 978-972-722-858-4
Complementary Bibliography
André Zúquete; Segurança em Redes Informáticas, FCA, 2013. ISBN: 978-972-722-767-9
Jorge Granjal; Segurança Prática em Sistemas e Redes com Linux, FCA, 2017. ISBN: 978-972-722-865-2
William Stallings; Cryptography and Network Security, Prentice Hall, 2010. ISBN: 978-013-609-704-4
C. Pfleeger, S. L. Pfleeger; Security in Computing, Prentice Hall, 2006. ISBN: 978-013-239-077-4
M. Dowd, J. McDonald, J. Schuh; The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities, Addison-Wesley, 2006. ISBN: 978-032-144-442-4
Teaching methods and learning activities
The predominant methods are divided according to the type of class:
Theoretical classes:
• Expository, using slides.
• Demonstrative, using a computer and/or a mobile device for demonstration of examples.
• Interrogative, using questions posed to students during the lecture or demonstration of examples.
• Active: guide students in solving exercises.
Practical/laboratory classes:
• Expository, using examples from the theoretical classes. At the beginning of each practical/laboratory assignment there is a short lecture on the concepts necessary for its development. Students are then encouraged (under the supervision of the teacher) to develop their work, which helps them assimilate the theoretical concepts.
• Active: guide students in the development of an autonomous project in groups of no more than two students, throughout the course.
Orientation classes:
• Active: guide students in the development of autonomous practical assignments and projects throughout the course.
Software
Linux
Keywords
Technological sciences > Technology > Information technology > Security technology
Type of assessment
Distributed evaluation with final exam
Assessment Components
Designation | Weight (%)
Presentation/discussion of a scientific work | 60,00
Test | 40,00
Total: | 100,00
Occupation Components
Designation | Time (Hours)
Class attendance | 60,00
Autonomous study | 15,00
Total: | 75,00
Eligibility for exams
Each Practical Assignment has a minimum grade of 8.0 out of 20.0 points.
The final grade has a minimum of 9.5 out of 20.0 points.
Final grade calculation formula
Continuous Assessment:
Final Grade = 40% [CT] + 60% [CP] ≥ 9.5 out of 20.0 points
[CT] = 50% [T1] + 50% [T2]
[CP] = 10% [TE1] + 30% [TE2] + 30% [TE3] + 30% [TE4]
Normal, Resit and Special Exam Periods:
Final Grade = 40% [CT] + 60% [CP] ≥ 9.5 out of 20.0 points
[CT] = [Exam]
[CP] = 10% [TE1] + 30% [TE2] + 30% [TE3] + 30% [TE4]
Where:
[CT] = Theoretical Component Grade
[T1] = Test 1 grade
[T2] = Test 2 grade
[Exam] = Exam Grade
[CP] = Practical Component Grade
[TEn] = Practical Assignment #n Grade ≥ 8.0 out of 20.0 points
Access to the tests and examination is done by enrolling in Moodle (see Moodle for warnings).
For more information about each item see the Curricular unit presentation in Moodle.
Grade improvement
At the resit exam period (Época de Recurso), after enrollment in Moodle and DA.