Θέματα εργασιών μαθήματος "Ασφάλεια Πληροφοριακών Συστημάτων"

ΔΙΔΑΣΚΩΝ: Α. ΤΣΑΚΩΝΑΣ

ΜΑΘΗΜΑ: ΑΣΦΑΛΕΙΑ ΠΛΗΡΟΦΟΡΙΑΚΩΝ ΣΥΣΤΗΜΑΤΩΝ

Εργασίες μαθήματος ακαδ. Έτους 2009-2010.

Η δήλωση εργασιών γίνεται απευθείας στο email του διδάσκοντα: (tsakonas@pme.duth.gr).
Ο φοιτητής υποχρεούται να δηλώσει προτίμηση έως τις 11/4/2010 για έως τρεις από τις ακόλουθες εργασίες.

Η ανάθεση εργασιών θα γίνει έως τις 15/4/2010. Καταληκτική ημερομηνία παράδοσης εργασιών είναι η 31/5/2010.

1. Penetration tests (BackTrack, Tiger team, Pentoo)

2. Fault-tolerant design (failsafe computer-controlled systems)

3. Firewalls (Egress filtering, Stateful firewall, Bastion host)

4. OWASP (Enigform, WebScarab, AntiSamy)

5. Data security I (Data masking, Data erasure, Data recovery)

6. Data security II (Disk encryption, Pre-boot authentication, Smartcard)

7. Cyber security standards(ISO/IEC 27002, Information Security, Information Assurance)

8. Dancing pigs (HoneyMonkey Project)

9. Identity management and Online identity management

10. Hardware security modules (Secure cryptoprocessors, Security tokens, IBM 4764)

11. Information privacy

12. Watermarking and Watermark detection

13. Cryptanalysis - Symmetric algorithms I (Boomerang attack, Brute force attack, Davies' attack, Differential    cryptanalysis, Impossible differential cryptanalysis, Integral cryptanalysis, Linear cryptanalysis)

14. Cryptanalysis - Symmetric algorithms II (Meet-in-the-middle attack, Mod-n cryptanalysis, Related-key attack,  Sandwich attack, Slide attack, XSL attack)

15. Cryptanalysis -  Attack models and Side channel attacks (Chosen-ciphertext attack, Chosen-plaintext attack, Ciphertext-only attack, Known-plaintext attack, Power analysis, Timing attack)

16. Cryptanalysis - Classical cryptanalysis and Hash functions (Frequency analysis, Index of coincidence, Kasiski examination, Birthday attack, Rainbow table)

17. Cryptanalysis - Network attacks and External attacks (Man-in-the-middle attack, Replay attack, Black-bag cryptanalysis, Rubber-hose cryptanalysis)