Ensimag Rubrique Formation 2022

Information Systems Security - 5MMSSI

  • Number of hours

    • Lectures 9.0
    • Tutorials 9.0

    ECTS

    ECTS 1.5

Goal(s)

  • Being able to understand the threats and vulnerabilities
    • Systems
    • infrastructures
    • Applications
    • Protocols
    • Business Processes
  • What actions to avoid / limit
    • Guide to good practice
    • Security Policy / Audit
    • Methodology
Contact Sébastien VIARDOT

Content(s)

The module is largely based on the assignments to be made, consisting of fault analysis, the responses needed to limit the impacts (anticipation and reaction), and propose experiments to implement them.

The topics covered in the framed sessions are :

  • Introduction to the course, legal warning, assignments presentation.
  • Lab : Docker and vagrant, and setting up a security challenge
  • Good and bad use of crypto
  • Authentication methods
    • Certificates PKI, Kerberos, oauth2, case, SSO
  • Blockchain
  • Local vulnerability and good practices
    • identification (3 factors), solutions. Identity theft
    • media confidentiality - encryption / access
    • Access rights and best practices
    • Exploits and answers
    • Hardware flaw, illustration via meltdown and spectrum (if not otherwise processed)
  • Network failures and good practices
  • WEB security
    • WEB security lab


Prerequisites

Having taken the following courses (or equivalent) is recommended:

  • Operating System Design Project - Foundations
  • Operating system and concurrent programming
  • Security of systems and networks

Test

CONTINUOUS CONTROL (CC):
Evaluation type:
Work to be done (alone or in pairs) on a vulnerability analysis and an experiment + Peer evaluation. A total of 2 works to be done and 6 peer reviews to be done.

NORMAL SESSION:
No written examination in limited time in normal session, evaluation in continuous control.

RETRIEVAL SESSION (E2):
Type of examination: Work equivalent to render individually on the analysis of a new vulnerability + written or oral following the number of students catching up.
Specific room:
Duration: 2h if it is a writing, 1h if it is an oral.
Authorized documents: none
Prohibited documents (eg books, all documents): all



N1=CC
N2=E2

Additional Information

Curriculum->Embedded Systems & Connect. Devices->Semester 9

Bibliography

  • Cryptographie et sécurité des systèmes et des réseaux (Editeur : Hermes Science Publications)
  • Sécurité des systèmes d’information (Pearson Education France)
  • Sécurité Internet (Dunod)
  • Hacking interdit (Micro)