INFORMATION AND NETWORK SECURITY
What is Information Security? Security Goals.
Crypto Basic, Classic Cryptography, Symmetric Key Cryptography: Stream Ciphers, A5/1,
RC4, Block Ciphers, Feistel Cipher, DES, Triple DES, AES, Public Key Cryptography:
Kanpsack, RSA, Defiie-Hellman, use of public key crypto- Signature and Non-repudiation,
Confidentiality and Non-repudiation, Public Key Infrastructure, Hash Function: The Birthday
Problem, MD5, SHA-1, Tiger Hash, Use of Hash Function.
3. Access control – Authentication and Authorization
Authentication Methods, Passwords, Biometric, Single – sign on, Authentication Protocol,
Kerberos, Access control Matrix, ACLs, Multiple level security model, Multilateral security,
Covert channel, CAPTCHA.
4. Software Security
Software Flaws, Buffer Overflow, Incomplete Mediation, Race conditions, Malware, Salami
attack, Linearization Attacks, Trusting Software, Software reverse engineering, Digital Rights
management, Operating System and Security
5. Network Security
Network security basics, TCP/IP Model and Port No., Protocol flaws, Enterprise wide network
Design and Vulnerabilities, Reconnaissance of network, Packet sniffing, Session Hijacking,
ARP Spoofing, Web site and web server vulnerabilities, Denial of Service, SSL and IPSec
protocol, Firewall. Intrusion Detection System, and Honey pots, Email Security.
6. Administered Security
Planning, Risk Analysis, Organizational Policies, Physical Security
1. Mark Stamp, “Information security Principles and Practice” Wiley
2. Charles P. Pfleeger, “Security in Computing”, Pearson Education
1. Behrouz A. Forouzan, “Cryptography and Network Security”, Tata McGraw Hill
2. William Stalling, “Cryptography and Network Security”, Prentice Hall
3. Nina Godbole, “Information Systems Security”, Wiley
4. Matt Bishop, “Computer Security: Art and Science”, Pearson Education
5. Kaufman, Perlman, Speciner, “Network Security”
6. Mark Merkow, Jim Breithaupt, “IS Principles and Practices”, Person Education