The skills that the student is expected to acquire are as follows:
- Identify the security objectives and the vulnerabilities, threats and risks of a given information system in a defined operational environment. Analyze the possible security measures to be used in it.
- Evaluate the security services to be implemented in a given system and design and apply the consequent mechanisms and protocols.
- Evaluate for a given system the existing encryption and steganographic tools to protect it.
- Use the signature and certification systems in a given environment. Evaluate and apply the relevant authentication mechanisms to access a specific system.
- Designing a security plan, developing the different parts of it, evaluating its compliance over time and correcting deviations. Analyze and manage the risks of a given installation.
- Prepare a comprehensive recovery plan for a real installation. Performing a compliance audit of files and systems containing personal data.
- Use the instruments that allow the control of the operating systems, mainly Windows and Linux.
- Manage the main techniques of collection, identification and analysis of events, ensuring the assurance of evidence and preserving the chain of custody of them. Evaluate and manage secure deletion and data recovery systems.
- Implement databases on a management system. Evaluate and use the different techniques that integrate data mining: analysis techniques and model extraction.
It is necessary to achieve the learning results summarized below:
OBJECTIVES
The student must recognize the current importance of information concealment techniques, in particular cryptography and steganography, as well as the technologies that allow their treatment, their weaknesses and the threats they face. In order to achieve these objectives, the student must acquire a range of knowledge, skills and attitudes as detailed below.
KNOWLEDGE
At the end of the course, the student should be able to:
- Know the classic cryptographic and steganographic systems and the reasons for their insecurity.
- Know the mathematical foundations of modern cryptography and steganography, as well as the techniques to analyze their security: cryptanalysis and steganography, respectively.
- Master the main cryptosystems and the current encryption algorithms.
- Know the signature and verification systems based on public key
- Know the problems associated with password management and its various solutions.
CAPACITIES
As regards capacities, they can be broken down into specific and generic (skills).
Concerning specific skills, the learner will be able to
- Solve problems of number theory in its application to cryptography. (P.O.: a)
- Recognize the advantages, disadvantages and uses of secret and public-key systems. (P.O.: a, c)
- Sign and verify in different environments, detecting possible attacks (P.O.: a, c)
- Identify methods for hiding information in different media (P.O.: a, c)
As for the general capacities or skills, during the course they will be worked on:
- The ability to find and select relevant information to solve a specific problem. (P.O.: a, b)
- The ability to apply multidisciplinary knowledge to the resolution of a given problem. (P.O.: a, c, e, g)
- The ability to investigate a particular cryptosystem or steganosystem in a given environment and find its vulnerabilities and threats. (P.O.: a, b)
As far as attitudes are concerned, the student after taking the course should have
- A critical attitude towards the security offered by particular encryption or information concealment system, in a given environment and given risks. (P.O.: i)
- A suspicious attitude towards the security supposed by the information hiding systems implemented in the systems. (P.O.: i)