Checking date: 17/09/2020

Course: 2020/2021

Data Protection
Study: Master in cybersecurity (288)

Coordinating teacher: LOPEZ GARCIA, SERGIO

Department assigned to the subject: Department of Telematic Engineering

Type: Compulsory
ECTS Credits: 3.0 ECTS


SKILLS AND LEARNING RESULTS In relation to the skills, during the course the following will work: - Knowledge and understanding that provide a basis or opportunity for originality in developing and / or applying ideas, often in a research context. - Students can communicate their conclusions and knowledge to specialist and non-specialist audiences clearly and unambiguously. - Students must possess the learning skills that enable them to continue studying. - Develop concise, clear and reasoned documents, plans and projects working in the field of cybersecurity. - Apply the services, mechanisms and security protocols appropriate in a particular case. - Design and evaluation of systems, security architectures and networks. - Know and apply encryption mechanisms and relevant steganography to protect data residing on a system or in transit through a network. Regarding learning outcomes, to overcome this subject students will be able to: - Given a system with security requirements established to propose mechanisms and protocols required to provide some basic security services: authentication, authorization, privacy and access control. Give a measure of their effectiveness and limitations. - To design and evaluate appropriate measures for the identification and authentication of users and management of identities and associated authorizations.
Description of contents: programme
PROGRAM This course covers the various aspects of data protection, especially focusing on the services of confidentiality, integrity and authenticity of information exchanged or stored. The course addresses these issues from a very practical standpoint, by conducting a case study over the development of consistent application of current data protection. The course syllabus is divided into four parts: * Part I: introduction.   - Presentation of the course: agenda, legislation, practical description of the case study.   - Introduction to the data protection: definitions, dimensions of information security.   - Types of encryption systems (symmetric / asymmetric) * Part II: symmetric encryption   - Block and stream ciphers.   - Encryption algorithms: DES, modes of operation, 2DES, 3DES, AES.   - Management of cryptographic keys. * Part III: asymmetric encryption   - RSA, Diffie-Hellman ECC. * Part IV: authentication and digital signature   - Authentication and one-way functions: cryptographic hash functions, Message Authentication Code (MAC).   - Digital Signature. Standards.   - Digital certificates and public key infrastructure (PKI) (digital certificates ITU-T X.509v3, trust Authorities (CA) and public key infrastructure (PKI), electronic signature legislation..
Learning activities and methodology
FORMATIVE ACTIVITIES The teaching methodology will include: - Teacher exhibitions in classroom, with support of computer and audiovisual media, in which the main concepts of the subject are developed and the literature is provided to aid student learning. - Critical reading recommended by the teacher of texts related to the subject: newspaper articles, reports, manuals and / or academic articles, either for further discussion in class, either to expand and consolidate the knowledge of the subject. - Resolution of case studies, problems, etc. posed by the teacher individually or in groups. - Presentation and discussion in class under teacher moderation issues related to the content of matter, as well as case studies.
Assessment System
  • % end-of-term-examination 40
  • % of continuous assessment (assigments, laboratory, practicals...) 60
Basic Bibliography
  • Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. Handbook of applied cryptography. 2001
  • C. Kaufman, R. Perlman, M. Speciner, E. Cliffs.. Network security : private communication in a public world . Prentice Hall. 1995
  • Stallings, William. Cryptography and network security. Principles and Practice. Sixth Edition. Prentice Hall. 2014

The course syllabus and the academic weekly planning may change due academic events or other reasons.