Syllabus - INFORMATION SECURITY (CB-602)

Computer Science and Business System (CSBS)

INFORMATION SECURITY (CB-602)

VI

UNIT – I

Overview of Security Parameters

Confidentiality, integrity and availability; Security violation and threats; Security policy and procedure; Assumptions and Trust; Security Assurance, Implementation and Operational Issues; Security Life Cycle.

UNIT – II

Access Control Models

Discretionary, mandatory, role-based and task-based models, unified models, access control algebra, temporal and spatio-temporal models.

UNIT – III

Security Policies

Confidentiality policies, integrity policies, hybrid policies, non-interference and policy composition, international standards.

Systems Design

Design principles, representing identity, control of access and information flow, confinement problem.

Assurance

Building systems with assurance, formal methods, evaluating systems.

UNIT – IV

Logic-based System

Malicious logic, vulnerability analysis, auditing, intrusion detection.

Applications

Network security, operating system security, user security, program security.

Special Topics

Data privacy, to digital forensics, enterprise security specification. introduction

UNIT – V

Operating Systems Security

Security Architecture, Analysis of Security in Linux/Windows.

Database Security

Security Architecture, Enterprise security, Database auditing.

Practicals

  • Analysis of security in Unix/Linux.

  • Administration of users, password policies, privileges and roles

  • Implementation of discretionary access control and mandatory access control

  • Demonstrate intrusion detection system (ids) using any tool Eg. Snort or any other software

  • Implementation of IT audit, malware analysis and vulnerability assessment and generate the report

  • Implementation of mobile audit and generate the report of the existing artifacts

  • Implementation of OS hardening and RAM dump analysis to collect the artifacts and other information

  • Implementation of digital forensics tools for disk imaging, data acquisition, data extraction and data analysis and recovery

  • Perform mobile analysis in the form of retrieving call logs, SMS log, and all contacts list using the forensics tool like SAFT

  • Implementation to identify web vulnerabilities, using OWASP project

Reference Books

  • R. Anderson, “Security engineering”. John Wiley & Sons, 2008.

  • M. Bishop, “Computer Security: Art and Science”, Pearson Education

  • M. Stamp, “Information security: principles and practice”. John Wiley & Sons, 2014.

  • William Stallings, “Cryptography and Network Security Principles and Practice” Fourth Edition, Pearson Education.