Bachelor's Degree in Telecommunications Technology Engineering (GTTE-2010)

NETWORK SECURITY

General Data

Code: V05G301V01305
Type of credits: ECTS
Number of credits: 6.00
Engagement hours: 300.00
ISCED-F: Database and network design and administration
Status: Optional
Type: Course
Academic Year:
Term:
Modality: Presential
Languages: Spanish
Available for Mobility Students: Yes
Restricted to alliance: No

Coordination

Fernández Masaguer, Francisco
francisco.fernandez@det.uvigo.es

Course web site

Description

In this subject, the main security problems or threats in networks and telematic services are studied in a unified way, and different techniques are presented to protect them. The topic is first approached from a general point of view, so that the security concepts, services, and techniques studied are applicable to any type of network, telematic service, or information system to be secured. This block consists of topics 1 to 4. This leads to a detailed examination of the three central security topics: the algorithmic part (encryption, digital signature, and integrity), authentication protocols, and key management and negotiation procedures. The objective is for the student to acquire a solid foundation that enables them to understand the specific techniques required by each application as well as to apply them to other areas they may encounter. The topic is then addressed in a somewhat more specific way, reviewing the problems, techniques, and security standards in some of the most prevalent communication environments today. A topic is dedicated to security at the IP level, a central protocol in the Internet architecture, and another topic to web security, given the current relevance of this telematic communication medium, where the student will assimilate the theoretical and practical concepts of the SSL protocol, central to the security of transactions over the web. Due to the increasing use of wireless communications and their particular security issues, a topic is also dedicated to them. The course concludes with an introduction to two other topics of increasing importance: malicious networks and software, and forensic analysis of information systems.

Requirements

Subjects that it is recommended to have taken before:

  • Programming II (V05G301V01110):

Instructors

Fernández Masaguer, Francisco

Rodríguez Rubio, Raúl Fernando

Contents

Topics and sub-topics:

  • 1. Mathematics foundations of security
    • Basic notions of Complexity Theory
    • Basic notions of Number Theory
  • 2. Cypher, digital signature and hash algorithms
    • Types of cryptosystems and algorithms
    • Integrity and hash algorithms
    • Symmetric key cryptosystems: MAC functions, encryption, Shannon principles, stream and block ciphers, DES and AES algorithms, cipher modes of operation
    • Public key cryptosystems: RSA, DSA and elliptic curves
    • Influence of quantum computing on cryptography
  • 3. Certification and Public Key Infrastructures
    • Security problems of asymmetric cryptography, certification and certificate formats
    • Trust models: flat trust model and PGP, third-party trust model and certification authorities
    • Certificate infrastructures and certification path
    • Certificate revocation
  • 4. Authentication and key agreement protocols
    • Authentication methods
    • Threats to authentication protocols and countermeasures
    • Requirements of key agreement protocols: Diffie-Hellman protocol
    • Authentication in symmetric cryptosystems: GSM and Kerberos
    • Authentication in asymmetric cryptosystems: X.509 and SSL
    • Password-based protocols: SRP, SAE
    • Single Sign-On (SSO)
  • 5. Security at the network layer
    • Threats in the network layer
    • IP Security Architecture
    • IPsec protocol, tunnels, and NAT compatibility
    • Key management protocols: IKE, ISAKMP, OAKLEY
  • 6. Security in the Web and electronic commerce
    • Security problems in the Web
    • Protocols: SSL and TLS
    • Web certification
  • 7. Wireless security and AAA protocols
    • Threats in wireless environments
    • Wireless Application Protocol (WAP), WTLS, WEP, WPA, WPA2, WPA3
    • AAA protocols: RADIUS
  • 8. Systems Security
    • Firewalls and intrusion detection/prevention systems
    • Malicious software and networks
    • Forensic analysis of systems

 

Learning Outcomes

Codes and descriptions:

  • B3
    CG3: The knowledge of basic subjects and technologies that enables the student to learn new methods and technologies, as well as to give them great versatility to confront and adapt to new situations
  • B4
    CG4: The ability to solve problems with initiative, to make creative decisions and to communicate and transmit knowledge and skills, understanding the ethical and professional responsibility of the Technical Telecommunication Engineer activity
  • B6
    CG6: The aptitude to manage mandatory specifications, procedures and laws
  • C28
    CE28/TEL2: The ability to apply techniques that are the basis of computer networks, services and applications, such as management, signaling and switching, routing and securing systems (cryptographic protocols, tunneling, firewalls, charging mechanisms, authentication and content protection), traffic engineering (graph theory, queuing theory and teletraffic), rating, reliability and quality of service in fixed, mobile, personal, local or long-distance environments with different bandwidths, including telephony and data
  • D2
    CT2: Understanding Engineering within a framework of sustainable development
  • D3
    CT3: Awareness of the need for lifelong learning and continuous quality improvement, showing a flexible, open and ethical attitude toward different opinions and situations, particularly regarding non-discrimination based on sex, race or religion, as well as respect for fundamental rights and accessibility

Planned Activities

  • Lecturing
    Exhibition using PowerPoint presentations and the blackboard to explain the theoretical contents of the course. Covers topics not addressed by other methodologies. Includes solving key exercises to help students practice similar problems independently.
    Competences: CG3, CE28
  • Autonomous problem solving
    Students independently solve exercises, questions, or problems not completed during face-to-face sessions. Doubts are discussed during tutoring hours.
    Competences: CG4, CE28
  • Mentored work
    Group work involving theoretical and practical projects. Students choose from several proposed topics. Guidance is provided on objectives, tools, and approach, with ongoing supervision.
    Competences: CG4, CG6, CE28, CT2, CT3
  • Laboratory practical
    Group-based laboratory sessions focused on applying theoretical concepts and improving skills in secure network and service engineering.
    Competences: CG6, CE28, CT2, CT3

Assessment Methods and Criteria

Evaluation methods, qualification and learning results

  • Laboratory practice
    Proof carried out in groups where the teacher evaluates laboratory practices by reviewing their operation with group members.
    Conducted in the last or penultimate week of the semester (date published on Moovi).
    All group members must be present.
    Includes an authorship interview to assess each student’s participation and determine individual marks.
    Qualification: 25%
    Learning results: B6, C28, D3
  • Essay (Project / tutored work)
    Group assessment of a project or work (type C). Students present and demonstrate their results to the teacher.
    Conducted in the last or penultimate week of the semester (date published on Moovi).
    All group members must be present.
    Includes an authorship interview to evaluate individual contribution.
    Qualification: 25%
    Learning results: B4, B6, C28, D2, D3
  • Essay questions exam (Final exam)
    Final exam consisting of exercises/questions covering course content.
    Qualification: 25%
    Learning results: B3, B4, C28
  • Essay questions exam (Midterm / partial exam)
    Partial exam for continuous assessment students, covering content up to mid-semester.
    Qualification: 25%
    Learning results: B3, B4, C28

Other comments on evaluation

  • Choice of assessment type
    • Continuous Assessment (CA) is the default
    • To choose Global Assessment (GA), students must notify instructors by email before the end of week 5

Ordinary opportunity

  • Continuous Assessment (CA):
    • Laboratory practice B → 25%
    • Project C → 25%
    • Midterm exam → part of theory grade (must score ≥ 4/10 to average)
    • Final exam:
      • If midterm ≥ 4 → final covers second half (25%)
      • If midterm < 4 → final covers all content (50%)
    • Minimum required: 4/10 in exams
  • Global Assessment (GA):
    • Final theoretical exam → 75%
    • Laboratory practice B → 25%
    • Minimum required:
      • 4.5/10 in each exam part
      • 1/2.5 in lab practice

Extraordinary opportunity

  • For CA students:
    • Final grade:
      • Theory → 50%
      • Lab B → 25%
      • Project C → 25%
    • Previous valid grades are retained if minimums were met
    • Must retake only failed parts
    • Minimum:
      • 4/10 in theory parts
      • 1/2.5 in lab
  • For GA students:
    • Final exam → 75%
    • Lab B → 25%
    • Minimum:
      • 4.5/10 exam
      • 1/2.5 lab

Other observations

  • “Not Present” if:
    • No continuous assessment and no final exam attendance
    • CA student does not attend any evaluation (A, B, C)
  • Lab B and Project C grades are only valid during the academic year
  • If total ≥ 5 but minimums not met → final grade = 4.9 (fail)

End-of-degree evaluation

  • Theoretical exam → 50% (minimum 4/10 in each part)
  • Lab work B → 25% (minimum 1/2.5)
  • Project C → 25%