The primary objective for students is to recognise IT security as an unavoidable aspect of digital information and its supporting systems. Subordinated to this overall goal, the student will be able to identify the dimensions of IT security (confidentiality, integrity and availability), threats (technical or physical) that digital information is exposed to and to know and use the main tools to protect it.
The program is divided into five main sections:
PART ONE: Students will discuss the dimensions of security (confidentiality, integrity, availability), emphasising their relative importance according to specific environments and introduce specific security measures for each one of them. The different types of threats and the vulnerabilities of IT systems will be described.
PART TWO: We analyse the problems of conservation over a long time and safe destruction of electronic documents.
PART THREE: We consider data encryption as an essential tool for security, exploring various systems and their intended uses.
PART FOUR: Signature and digital certificates as a basic tool to guarantee integrity together with document authenticity and non-repudiation.
PART FIVE: We will present the security problems arising in IT systems accessed via computer networks as well as the specific protection mechanisms.
Thus, the detailed program is as follows:
1. Introduction to digital document security
1.1 - Security goals
1.2 - Security mechanisms: legal, administrative, physical and technical protections
1.4.- IT security. Vulnerabilities.
2. Electronic documents: Integrity and removal
2.1 - Integrity techniques. Use of hash functions
2.2 - Secure removal
2.3.- Legal / administrative storage conditions for documents containing personal data
3. Data Encryption
3.1 - Introduction to data hiding techniques
3.2 - Cryptosystem scheme
3.3.- Secret- and public-key encryption
3.4.- Encryption in Microsoft Office, PDF and other user apps
3.5.- Specific encryption software
4. Digital signature and user authentication
4.1.- Introduction to digital signature. Differences with
4.3.- Digital Certificates. Types
4.4 - Certification Authorities. Examples. The DNI-e
4.5.- Certificate revocation
4.6.- User Authentication
5. Computer Network Security
5.1 - Threats to computer networks.
5.2.- Secure connection protocols with servers. TLS/SSL