Course: Segurança em Sistemas Informáticos | moodle2425

FEUP-M.EIC025-2024/2025-2S

Topic outline

General

Collapse all Expand all
About Exams
- Normal Exam 2023/24 File
  
  752.6 KB
Lectures
- 0. Presentation File
  
  49.0 KB
- 1. Introduction (& review) File
  
  167.9 KB
- 1.A Intro-annex: CIAA simplified File
  
  73.4 KB
- 2.1 Cryptography Basics File
  
  481.0 KB
- 2.2 Cryptography - general protection techniques File
  
  331.5 KB
- 2.3 Cryptography 2nd level (part 1) File
  
  315.7 KB
- 2.3 Cryptography 2nd level (part 2) File
  
  314.6 KB
- 3. Sofware Security Components File
  
  817.4 KB
- for printing (4 slides per page) File
  
  1.7 MB
- Lectures from OWASP Page
- 4. Introduction to Blockchain File
  
  5.0 MB
- 5. Software Security File
  
  1.4 MB
- For printing (4 slides/page) File
  
  2.0 MB
- Some Less Common Software Vulnerabilities Page
- Some Simple Vulnerability Demos File
  
  1.0 MB
- 6. Identity and Authentication Mechanism File
  
  1.6 MB
- For printing (4 slides/page) File
  
  3.0 MB
- 7. Access Control (Authorization) Security Mechanism File
  
  974.9 KB
- For printing (4 slides/page bw) File
  
  2.0 MB
- 8. Web Security File
  
  2.2 MB
- Print version (4 per page) File
  
  4.3 MB
- OAuth Demo (with Node and Koa) File
  
  3.2 MB
  
  OAuth Koa
  =========
  This demo contains 3 node.js servers illustrating the OAuth protocol in a simplified implementation. It contains the resource server (resource.js), the authorization (with authentication also) server (authorize.js), and the client application (web app) server (client.js).
  The servers were implemented using Koa, a simpler Express replacement, with a separate router file for the API implementations and for generating the web pages (in the client server mostly). The pages are generated using Pug templates containing the HTML (and CSS) and parameters for the content.
  To run:
  Run the three servers in three different command line consoles (>node ....js).
  From a browser, access the client's home page (http://localhost:9001).
  See the logs that appear on the consoles as you progress on the web pages.
- 9. Distributed Systems Security File
  
  1.4 MB
- Print version (4 per page) File
  
  2.5 MB
- Authentication using asymmetric cryptography and biometry Folder
  
  Demo with a Web Application and an Android Authenticator app, using QR-codes.
Practical Classes
- Docker-intro File
  
  162.6 KB
- 1. Spectre Attack Lab Folder
  
  seedsecuritylabs.org/Labs_20.04/System/Spectre_Attack
- Spectre Attack Lab: compiling and running results on jmcruz's machine File
  
  9.5 KB
- 2. Getting a Digital Certificate Folder
  
  Getting a Digital certificate from Sectigo-U.Porto for email usage: the right way!
- create a CSR and ask Sectigo-UPdigital for a certificate File
  
  1.8 KB
- 3. Pseudo Random Number Generation Lab Folder
  
  seedsecuritylabs.org/Labs_20.04/Crypto/Crypto_Random_Number
- 4. Padding Oracle Attack Lab Folder
  
  seedsecuritylabs.org/Labs_20.04/Crypto/Crypto_Padding_Oracle
- 5. Hash Length Extension Attack Lab Folder
  
  seedsecuritylabs.org/Labs_20.04/Crypto/Crypto_Hash_Length_Ext
- 6. TLS Lab File
  
  317.6 KB
  
  This lab should be completed and reported in two weeks (Apr 10).
- Lab setup files
  
  3.4 KB
- TLS protocol overview File
  
  412.3 KB
- TLS programming and attacking File
  
  1.0 MB
- PKI, CAs, and web server certificates File
  
  1.2 MB
- Python TLS wrapper documentation URL
- GUI tool to generate certificates and keys (and CAs) for Macs or Windows URL
- 7. Blockchain Reentrancy Attack File
  
  102.1 KB
- Lab setup files
  
  4.9 MB
- Additional Information on Reentrancy Smart Contracts File
  
  632.0 KB
- Blockchain Concepts and Ethereum File
  
  3.1 MB
Assignment
- Authorization in a distributed system using RBAC File
  
  152.4 KB
  
  Presentation at May 29.
- Assignment submission form
  
  Procedure:
  1. Create a single file containing the assignment materials, sources, and report (.zip or .rar).
  2. One of the group elements performs the submission (all participating elements MUST be identified in the report or a participants.txt file).
SEED Security Labs
Grading

Not available unless: You belong to TURMA_1MEIC02