738d3aMovil

Escuela de Verano

Escuela de Verano Internacional

La escuela de verano es un espacio en el que los estudiantes tienen la posibilidad de acceder a una variada oferta de cursos en diferentes temas, en donde además tienen la oportunidad de conocer las últimas tendencias y avances de la Ingeniería. Los cursos de la Escuela Internacional de Verano están a cargo de profesores con título doctoral y, en su mayoría, son impartidos en inglés.

 

Escuela de Verano 2014

Departamento de Ingeniería de Sistemas y Computación

En el marco de la Escuela de Verano Internacional de 2014, el Departmento de Ingeniería de Sistemas y Computación ofrece a sus estudiantes tres cursos:

Programming Distributed Computing Systems

Architecting for the cloud

Secure Coding

Usted puede consultar el detalle de los cursos ofrecidos durante este periodo a continuación.

"This course will enable students to understand and apply theoretical foundations of programming concurrent distributed computing systems---namely process calculi, actors, join calculus, and mobile ambients. In the practical part, students will compare communication and synchronization aspects in actor-, process-, and object-oriented concurrent programming languages.

Course Themes

Theories of concurrent, distributed and mobile computing. Programming languages for concurrent distributed and mobile systems. Research topics in distributed computing over the Internet. "

Fecha:

09 al 27 de Junio de 2014

Hora: 

8:00AM a 11:00AM

Idioma: 

Español

Profesores: 

Carlos Varela

 

Sobre el Profesor

Carlos Varela

Rensselaer Polytechnic Institute

Dr. Carlos A. Varela received his B.S. with honors, M.S., and Ph.D. in Computer Science at the University of Illinois at Urbana-Champaign. Dr. Varela is Associate Editor of the ACM Computing Surveys journal and the IEEE Transactions on Cloud Computing, and has served as Guest Editor of the Scientific Programming journal. Dr. Varela is a recipient of several research grants including the NSF CAREER award, two IBM SUR awards, and two IBM Innovation awards. His current research interests include data streaming, web-based and internet-based computing, middleware for adaptive distributed systems, concurrent programming models and languages, and software verification. For more information on his group's research, please visit the Worldwide Computing Lab Home Page at http://wcl.cs.rpi.edu/. 

"Deploying applications in the cloud has become commonplace in the last few years. Organizations view cloud computing, namely Infrastructure as a Service (IaaS), as a way to achieve their objectives without in-house expertise, allowing them to reduce cost of ownership, increase scalability, increase availability, and focus on areas of core competence.

It is becoming more apparent, however, that this isn't always the case. Organizations that have blindly adopted such approaches have experienced performance issues, service outages, security issues, and in some cases have permanently lost proprietary data.This course provides the knowledge needed to fully understand the implications of particular design and deployment decisions in order to determine if a given solution is appropriate for the needs of an organization."

Fecha:

Módulo 1: 07 al 09 de Julio

Módulo 2: 14 al 24 de Julio

Hora: 

Módulo 1: Lunes a Miércoles 

6:00PM - 8:50PM

Módulo2: Lunes a Jueves

1:00PM - 5:30PM

Idioma: 

Módulo 1: Español

Módulo 2: Inglés

Profesores: 

Módulo 1: Dario Correal

Módulo 2: Len Bass, Matthew Bass

Sobre los profesores:

Len Bass

Carnegie Melon University, Pittsburgh, USA

Len Bass Len Bass is a faculty member at Carnegie-Mellon University. Len has written two award-winning books in software architecture as well as several other books and numerous papers in a wide variety of areas of computer science and software engineering. He has been a keynote speaker or a distinguished lecturer on six continents. He is currently working on techniques for the methodical design of software architectures, to understand how to support usability through software architecture, and to understand the relationship between software architecture and global software development practices. He has been involved in the development of numerous different production or research software systems ranging from operating systems to database management systems to automotive systems.

Matthew Bass

Carnegie Melon University, Pittsburgh, USA

Matthew Bass Matthew is a faculty member at Carnegie-Mellon University. Software architect and software engineer for past 15+ years. Matthew was the first external person to become authorized by Carnegie Mellon's Software Engineering Institute to deliver ""Software Architecture: Principles and Practices"". He is co-author of the ""Global Software Development Handbook"". Author and co-author of numerous peer-reviewed technical papers on software architecture and global software development."

 

In this course we focus on basic tools and guidelines for the development of  secure software. The course will cover two main types of software: Web  services and native applications. For these two categories, we will  briefly recall the most exploited vulnerabilities and we will  concentrate on  best-practices to avoid them, as well as on tools that help developers to  build security into their software. Learning goals: The students should become aware of common programming  mistakes and acquire tools to avoid them. They should learn best practices for  the most popular programming languages for web and binary development (PHP, JavaScript, Java, C/C++). Students will  acquire basic knowledge on secure  development tools and code-analysis including static and dynamic analysis  and rudiments of security assessments.

Pre-requisites: A programming course in C/C++, Java, rudiments of web-programming Description: Most of today's IT security problems are caused by software vulnerabilities. Security vulnerabilities are a type of faults/bugs in software that can be exploited by malicious users, such that software behaves in a way that was not originally intended by its developers. Although the most exploited  vulnerabilities like buffer-overflows and SQL-injections are well understood by people with security training, most developers do not have such training  and are not aware of what could go wrong in their code. 

Fecha:

16 de Junio a 04 de Julio

Hora: 

6:00PM - 9:00PM

Idioma: 

Español

Profesores: 

Martín Ochoa

Sobre el profesor:

Dr. Martín Ochoa

Technische Universität München, Munich, Alemania

Martin Ochoa studied Systems Engineering in San José, CR (Universidad Latina, B.Sc.) and Mathematics in Rome (La Sapienza, B.Sc.). He continued his math studies in Munich (LMU, M.Sc.) and Sophia-Antipolis (INRIA). Afterwards he completed a PhD in Computer Science (TU Dortmund) under the supervision of Jan Jürjens and Jorge Cúellar. Before joining the TUM, he has worked as a consultant in IT security for Siemens Corporate Technology in Munich. He is interested in applied formal methods for software security.

Bibliografía:

Intro: Motivation, principles of secure development

Web-app. security

  • Intro to Web security, OWASP Top 10, browser security, mash-ups 
  • PHP: XSS, CSRF, SQL Injections in PHP (and what to do about them)
  • PHP: DoS, Information disclosure, Path traversal, OS injection (")
  • Javascript security, browser security, HTML5 sec.
  • Pen-testing for developers, source-code analysis tools

Native-app. security

  • C/C++: String manipulation (common errors and best practices), Dynamic memory management
  • C/C++: Integer security and formatted output , Concurrency and I/O 
  • Java Security
  • Vulnerability testing for C/C++, Static and dynamic analysis tools
  • Reverse engineering C/C++ binaries on Linux
  • Reverse engineering C/C++ binaries on Windows
  • Obfuscation techniques

General and recap

  • General: Using crypto the right way (crypto-libraries for C/C++ and PHP)
  • Conclusions, recap.

afiche2014

Facultad de Ingeniería

En el marco de la Escuela de Verano todos los departamentos de La Facultad de Ingeniería ofrece uno o varios cursos que permitan a los estudiantes estar al tanto de los últimos avances en sus futuros campos de desarrollo profesional. La Escuela de Verano tiene lugar durante los meses de junio y julio, en este periodo profesores de prestigiosas universidades internacionales visitan la Facultad de Ingeniería para dictar los diferentes cursos ofrecidos.

Ustede puede consultar toda los cursos ofrecidos por otros departamentos de la Facultad AQUÍ

Comparte esto en:

Submit to FacebookSubmit to Google PlusSubmit to TwitterSubmit to LinkedIn