Computer Security
<p>The <i>« I502A Sécurité physique et logicielle »</i> activity, taught to
second-year master's students in industrial engineering in computer science at the
<a href="https://www.vinci.be/fr-be/ecam">ECAM Brussels Engineering
School</a> (ECAM), is about the <b>security of computer systems</b>, both
hardware and software. It includes an introduction to cryptography,
elements of network, database and operating system security and, finally,
techniques for auditing the security of a computer system.</p>
<p>I started to give this course in 2017 and I am currently giving it for
the fourth time. The course is taught in English, but all the material is
available in English and <a href="/fr/teaching/ecam/security/">in
French</a>.</p>
<h2>Documents</h2>
<ul>
<li>General information about the course</li>
<li>
<a href="/files/ecam/general/ECAM-Competency-Based-Assessment-Slides.pdf">
Competency Based Assessment <img src="/images/slides.png" width="16"
height="16" alt="Slides"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Competencies-List.pdf">
Grid of skills to acquire <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
</ul>
<h2>Theory</h2>
<ul>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Session1-Slides.pdf">
Session 1: Introduction to Computer Security
<img src="/images/slides.png" width="16" height="16"
alt="Slides"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Session2-Slides.pdf">
Session 2: Introduction to Cryptography and Symmetric Encryption
<img src="/images/slides.png" width="16" height="16"
alt="Slides"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Session3-Slides.pdf">
Session 3: Hash Function, Asymmetric Encryption and Signature
<img src="/images/slides.png" width="16" height="16"
alt="Slides"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Session4-Slides.pdf">
Session 4: Malware and Protection
<img src="/images/slides.png" width="16" height="16"
alt="Slides"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Session5-Slides.pdf">
Session 5: Software and Operating Systems Security
<img src="/images/slides.png" width="16" height="16"
alt="Slides"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Session6-Slides.pdf">
Session 6: Network Protections: DoS, Firewall and IDS
<img src="/images/slides.png" width="16" height="16"
alt="Slides"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Session7-Slides.pdf">
Session 7: Authentication and Access Control
<img src="/images/slides.png" width="16" height="16"
alt="Slides"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Session8-Slides.pdf">
Session 8: Database, Cloud and IoT Security
<img src="/images/slides.png" width="16" height="16"
alt="Slides"></a></li>
<li>Session 9: Network Security</li>
<li>Session 10: Security Audit</li>
</ul>
<h2>Practice</h2>
<ul>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Quizz1.pdf">Quiz 1:
Computer security principle <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Quizz2.pdf">Quiz 2:
Cryptography <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Quizz3.pdf">Quiz 3:
Security concepts and cryptographic tools <img src="/images/pdf.png"
width="16" height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Quizz4.pdf">Quiz 4:
Malware and protection <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Quizz5.pdf">Quiz 5:
Network protection <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Quizz6.pdf">Quiz 6:
User authentication <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Coding1.pdf">Coding 1:
HTTPS secure server <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Coding2.pdf">Coding 2:
Secure password storage <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Coding3.pdf">Coding 3:
Input validation <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Coding4.pdf">Coding 4:
SQL injection <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Coding5.pdf">Coding 5:
XSS attack <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Mission1.pdf">Mission 1:
Computer security principle <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Mission2.pdf">Mission 2:
Python cryptographic tools <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Mission3.pdf">Mission 3:
Bad website <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Mission4.pdf">Mission 4:
John the Ripper <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
<li><a href="/files/ecam/security/ECAM-Secu5MIN-Mission5.pdf">Mission 5:
News article about an IT security issue <img src="/images/pdf.png" width="16"
height="16" alt="PDF"></a></li>
</ul>
<h2>Resources</h2>
<h3>Reference books</h3>
<ul>
<li>William Stallings and Lawrie Brown. (2018). Computer Security:
Principles and Practice (4th edition). Pearson.
<small>(ISBN: 978-1-292-22061-1)</small></li>
<li>Douglas Robert Stinson and Maura Paterson. (2017). Cryptography:
Theory and Practice (4th edition). CRC Press.
<small>(ISBN: 978-1-138-19701-5)</small></li>
</ul>
<h3>Other books</h3>
<ul>
<li>Michael Goodrich and Roberto Tamassia. (2013). Introduction to Computer
Security. Pearson. <small>(ISBN: 978-1-292-02540-7)</small></li>
<li>Matt Bishop. (2018). Computer Security: Art and Science (2nd
edition). Addison-Wesley. <small>(ISBN: 978-0-321-71233-2)</small></li>
<li>Douglas Stinson, Serge Vaudenay, Gildas Avoine and Pascal Junod.
(2003). Cryptographie : Théorie et pratique (2nd edition). Vuibert.
<small>(ISBN: 978-2-711-74800-6)</small></li>
<li>Jonathan Katz and Yehuda Lindell. (2014). Introduction to Modern
Cryptography (2nd edition). Chapman and Hall/CRC.
<small>(ISBN: 978-1-466-57026-9)</small></li>
</ul>
<h3>Scientific references</h3>
<ul>
<li>Sattarova Feruza Y. and Tai-hoon Kim. IT Security Review: Privacy,
Protection, Access Control, Assurance and System Security. In
<i>International Journal of Multimedia and Ubiquitous Engineering</i>,
2(2):17-32, 2017.</li>
<li>Celia Paulsen and Robert Byers. Glossary of Key Information Security
Terms. Technical report NISTIR 7298, revision 3. NIST, July 2019.</li>
<li>Butler W. Lampson. Computer Security in the Real World. In
<i>Computer</i>, 37(6):37-46, 2004.</li>
</ul>
<h3>Online resources</h3>
<ul>
<li><a href="https://haveibeenpwned.com">Have I Been Pwned: Check if
your email has been compromised in a data breach</a>, Troy Hunt.</li>
<li><a href="https://www.sans.org/top25-software-errors">CWE/SANS TOP 25
Most Dangerous Software Errors</a>, SANS Institute, June 2011.</li>
<li><a href="https://www.us-cert.gov/ncas/alerts">National Cyber
Awareness System: Alerts</a>, CISA.</li>
<li><a href="https://cwe.mitre.org">Common Weakness Enumeration:
A Community-Developed List of Software Weakness Types</a>, Mitre.</li>
<li><a href="https://capec.mitre.org">Common Attack Pattern Enumeration
and Classification: A Community Resource for Identifying and
Understanding Attacks</a>, Mitre.</li>
</ul>