Implementing a secure networked application can be difficult, even for developers who may have used various cryptographic building blocks (such as encryption and digital signatures) beforehand. In order to make the participants understand the role and usage of these cryptographic primitives, first a solid foundation on the main requirements of secure communication – secure acknowledgement, integrity, confidentiality, remote identification and anonymity – is given, while also presenting the typical problems that may damage these requirements along with real-world solutions.
As a critical aspect of network security is cryptography, the most important cryptographic algorithms in symmetric cryptography, hashing, asymmetric cryptography, and key agreement are also discussed. Instead of presenting an in-depth mathematical background, these elements are discussed from a developer's perspective, showing typical use-case examples and practical considerations related to the use of crypto, such as public key infrastructures. Security protocols in many different areas of secure communication are introduced, with an in-depth discussion on the most widely-used protocol families such as IPSEC and SSL/TLS.
Finally, as XML technology is central for data exchange by networked applications, the security aspects of XML are described.
There are no prerequisites for this course.
Network engineers and developers.
Understand basic concepts of security, IT security and secure coding
Understand the requirements of secure communication
Learn about network attacks and defenses at different OSI layers
Have a practical understanding of cryptography
Understand essential security protocols
Understand some recent attacks against cryptosystems
Learn about typical coding mistakes and how to avoid them
Get information about some recent vulnerabilities in the Java framework
Learn about XML security
Get information about some recent related vulnerabilities
Get sources and further readings on secure coding practices