M.Tech. Full Time INFORMATION SECURITY & CYBER FORENSICS CURRICULUM & SYLLABUS 2013 -2014 DEPARTMENT OF INFORMATION TECHNOLOGY FACULTY OF ENGINEERING AND TECHNOLOGY SRM UNIVERSITY SRM NAGAR, KATTANKULATHUR – 603 203

Upload: vanxuyen

Post on 10-Apr-2018

M.Tech. Full Time

INFORMATION SECURITY & CYBER FORENSICS

CURRICULUM & SYLLABUS

2013 -2014

DEPARTMENT OF INFORMATION TECHNOLOGY

FACULTY OF ENGINEERING AND TECHNOLOGY

SRM UNIVERSITY

SRM NAGAR, KATTANKULATHUR – 603 203

DEPARTMENT OF INFORMATION TECHNOLOGY

M.TECH FULL TIME

INFORMATION SECURITY AND CYBER FORENSICS

CURRICULUM & SYLLABUS

2013 -2014

Course code Course Name L T P C

I AND II SEMESTER

IS2001 Introduction to Cryptography 3 0 2 4

IT2001 Data Structures and Algorithms 3 0 2 4

IS2002 Operating Systems: Administration and Security 3 0 2 4

IS2003 Network Security 3 0 2 4

IS2004 TCP/IP 3 0 2 4

IS2005 Forensics and Incident Response 3 0 2 4

III SEMESTER

IS2047 Seminar 0 0 1 1

IS2049 Project Work Phase-I 0 0 12 6

IV SEMESTER

IS2050 Project Work Phase-II 0 0 32 16

SUPPORTIVE COURSE

MA2019 Number Theory 3 0 0 3

INTERDISCIPLINARY ELECTIVE

One course to be taken in Semester I or II or III 3 0 0 3

PROGRAM ELECTIVES

6 courses of 3 credits each to be taken in Semesters I-III - - - 18

TOTAL CREDITS 71

Total Number of credits to be earned for M.TECH degree: 71

CONTACT HOUR/CREDIT:

L: Lecture Hours per week T: Tutorial Hours per week

P: Practical Hours per week C: Credit

PROGRAM ELECTIVES

Course code Course Name L T P C

IS2101 Applied Cryptography 3 0 0 3

IS2102 Principles of Secure Coding 2 0 2 3

IS2103 Mobile and Digital Forensics 3 0 0 3

IS2104 Mobile and Wireless Security 3 0 0 3

IS2105 Interactive Programming with Python 2 0 2 3

IS2106 Malware Analysis 2 0 2 3

IS2107 Penetration Testing and Vulnerability Assessment 2 0 2 3

IS2108 Computer and Information Security Management 3 0 0 3

IS2109 Risk Assessment and Security Audit 3 0 0 3

IS2110 Storage Management and Security 3 0 0 3

IS2111 Cloud Architectures and Security 2 0 2 3

IS2112 Cyber Law 3 0 0 3

NOTE:

Students have to register for the courses as per the following guidelines:

Sl. No. Category Credits (I Semester, II Semester, III Semester, IV Semester) Category Total

1 Core courses 12 (3 courses) 12 (3 courses) --- --- 24

2 Program Elective courses 18 (in I to III semesters) --- 18

Interdisciplinary elective courses (any one program elective from other programs) 3 (One course to be taken in Semester I or II or III) 3

3 Supportive courses - mandatory 3 (One course to be taken in Semester I or II or III) --- 3

4 Seminar --- --- 1 --- 1

6 Project work --- --- 06 16 22

Total 71

I AND II SEMESTER

IS2001

INTRODUCTION TO CRYPTOLOGY L T P C

Total Contact Hours – 75 3 0 2 4

Prerequisite

Nil

PURPOSE

The course provides a comprehensive view of symmetric and asymmetric cryptographic schemes and key management issues.

INSTRUCTIONAL OBJECTIVES

1. Understand OSI security architecture and classic encryption techniques

2. Acquire fundamental knowledge on the concepts of finite fields and number theory

3. Understand various block cipher and stream cipher models

4. Describe the principles of public key cryptosystems, hash functions and digital signature

UNIT 1- INTRODUCTION (9 hours)

Services, Mechanisms and attacks-The OSI security architecture-Network security model-Classical encryption techniques (Symmetric cipher model, substitution techniques, transposition techniques, steganography).

UNIT II- FINITE FIELDS AND NUMBER THEORY (9 hours)

Groups, Rings, Fields-Modular arithmetic-Euclid’s algorithm-Finite fields-Polynomial arithmetic-Prime numbers-Fermat’s and Euler’s theorem-Testing for primality-The Chinese Remainder theorem-Discrete logarithms.

UNIT III- BLOCK CIPHERS (9 hours)

Data Encryption Standard-Block cipher principles-Block cipher modes of operation-Advanced Encryption Standard (AES)-Triple DES-Blowfish-RC5 algorithm.

UNIT IV- PUBLIC KEY CRYPTOGRAPHY (9 hours)

Principles of public key cryptosystems-The RSA algorithm-Key management-Diffie Hellman Key exchange-Elliptic curve arithmetic-Elliptic curve cryptography.

UNIT - V HASH FUNCTIONS AND DIGITAL SIGNATURES (9 hours)

Authentication functions-Message authentication codes-Hash functions-Hash Algorithms (MD5, Secure Hash Algorithm)-Digital signatures (Authentication protocols, Digital Signature Standard).

PRACTICAL: (30 hours)

REFERENCE BOOKS:

1. William Stallings, “Cryptography and Network Security”, Pearson Education, 6th Edition, ISBN 10: 0133354695, 2013.

2. Atul Kahate, “Cryptography and Network Security”, McGraw Hill Education India (Pvt Ltd), 2nd edition, ISBN 10: 0070151458, 2009.

3. Charlie Kaufman, Radia Perlman, Mike Speciner, “Network Security: Private Communication in a Public World”, Prentice Hall, 2nd edition, ISBN 10: 0130460192, 2002.

4. Charles Pfleeger, Shari Lawrence Pfleeger, “Security in Computing”, Prentice Hall, 4th Edition, ISBN 10: 0132390779, 2006.

IT2001

DATA STRUCTURES AND ALGORITHMS L T P C

Total Contact Hours - 75 3 0 2 4

Prerequisite

NIL

PURPOSE:

Data structures play a central role in modern computer science. You interact with data structures much more often than with algorithms (think of Google, your mail server, and even your network routers). In addition, data structures are essential building blocks in obtaining efficient algorithms. This course will cover major results and current directions of research in data structures.

INSTRUCTIONAL OBJECTIVES

1. To make the student learn an object-oriented way of solving problems.

2. To make the student write ADTs for all data structures.

3. To make the student learn different algorithm design techniques.

UNIT I - OVERVIEW OF C++ (5 hours)

C++ class overview-class definition-objects-class members- access control- constructors and destructors-parameter passing methods-dynamic memory allocation and de-allocation-Function overloading.

UNIT II - LINEAR DATA STRUCTURES AND ALGORITHM ANALYSIS (7 hours)

Review of Arrays-Stacks-Queues-linked lists-Linked stacks and Linked queues-Applications- Efficiency of algorithms-Asymptotic Notations- Time complexity of an algorithm using O notation- Average- Best- and Worst Case Complexities- Analyzing Recursive Programs.

UNIT III - NON LINEAR DATA STRUCTURES AND HASH TABLES (14 hours)

Introduction- Definition and Basic terminologies of trees and binary trees- Representation of trees and Binary trees- Binary tree Traversals- Threaded binary trees- Graphs- basic concepts- representation and traversals. Introduction- Binary Search Trees: Definition- Operations and applications. AVL Trees: Definition- Operations and applications. B Trees: Definition- Operations and applications. Red-Black Trees- Splay Trees and its applications. Hash Tables: Introduction- Hash Tables- Hash Functions and its applications.

UNIT IV – DIVIDE AND CONQUER & GREEDY METHOD (9 hours)

General Method- Binary Search- Finding Maximum and Minimum- Quick Sort- Merge sort- Strassen’s Matrix Multiplication- Greedy Method- General Method- Minimum Cost Spanning Trees- Single Source Shortest Path.

UNIT V - DYNAMIC PROGRAMMING AND BACKTRACKING (10 hours)

General Method- 0/1 Knapsack problem- Reliability Design- Traveling Sales Person’s Problem. General Method- 8-Queen’s Problem- Graph Coloring- Branch and Bound.

PRACTICAL (30 hours)

REFERENCES

1. Mark Allen Weiss, “Data Structures and Problem Solving using C++”, The Benjamin Cummings / Addison Wesley Publishing Company, 2002.

2. Pai G.A.V., “Data Structures and Algorithms”, TMH, 2009.

3. Ellis Horowitz, Sartaj Sahni and Sanguthevar Rajasekaran, “Fundamentals of Computer Algorithms”, 2nd edition, University Press, 1996.

4. Samanta D., “Classic Data Structures”, PHI, 2005.

5. Aho, Hopcroft, Ullman, “Design and Analysis of Computer Algorithms”, PEA, 1998.

6. Goodman and Hedetniemi, “Introduction to the Design and Analysis of Algorithms”, TMH, 2002.

7. Horowitz E., Sahni S., “Design and Analysis of Algorithms”, 3rd Edition, University Press, 2002.

8. Drozdek, “Data Structures and Algorithms in C++”, 2nd Edition, Thomson Learning Academic Resource Center, 2001.

IS2002

OPERATING SYSTEMS: ADMINISTRATION AND SECURITY L T P C

Total Contact Hours – 75 3 0 2 4

Prerequisite

NIL

PURPOSE:

Any information security professional needs a thorough knowledge of operating system concepts. With this in mind, the purpose of this course is to make the learner knowledgeable in the various functions of an OS, the basic administration of an open source OS, and methods to secure operating systems.

INSTRUCTIONAL OBJECTIVES

1. Become knowledgeable in the concepts of various functions of operating systems.

2. Gain hands-on experience in the basic administration of a Linux system.

3. Understand the concepts of securing operating systems.

UNIT I - INTRODUCTION TO COMPUTER ARCHITECTURE (8 hours)

Introduction- Computer system Organization and Architecture- Operating System structure and operations- Protection and Security- Process Management- Process Scheduling – Inter process communication- Multi threading models- Semaphores- Deadlocks- Mutexes- Critical Section problem.

UNIT II - MEMORY MANAGEMENT TECHNIQUES (8 hours)

Memory Management: Swapping, Segmentation, Page replacement algorithms- File Systems: File system mounting and sharing, File system implementation and allocation methods- Device management: Disk structure, scheduling and management, I/O hardware and kernel I/O subsystem.

UNIT III - LINUX ADMINISTRATION AND OTHER SERVICES (12 hours)

Open source operating system- Linux Kernel architecture- User administration in Linux- Services offered by Linux OS- Configuration of email service, web service, NFS, DNS in Linux- Syntactical Interpretation of various files related to different services in Linux.

UNIT IV - TRUST IN SECURE OPERATING SYSTEMS (9 hours)

Secure operating systems- Security goals- Trust model- Threat model- Access Control fundamentals: Lampson’s access matrix, mandatory protection systems, Reference monitor- Secure operating system definition- Assessment criteria

UNIT V - OPERATING SYSTEM SECURITY (8 hours)

Security in Windows and Unix: Protection system, authorization, security analysis and vulnerabilities- The security kernel- Secure communications processor – Retrofitting security into operating systems

PRACTICAL (30 hours)

REFERENCE BOOKS:

1. Abraham Silberschatz, Peter Baer Galvin and Greg Gagne, “Operating System Concepts”, John Wiley & Sons, Inc., 9th Edition, 2012.

2. William Stallings, “Operating System: Internals and Design Principles”, Prentice Hall, 7th Edition, 2012.

3. Tom Adelstein and Bill Lubanovic, “Linux System Administration”, O'Reilly Media, Inc., 1st Edition, 2007.

4. Trent Jaeger, “Operating Systems Security”, Morgan & Claypool Publishers, 2008.

5. Michael J.Palmer, “Guide to Operating Systems Security”, Thomson/Course Technology, 2004.

IS2003

NETWORK SECURITY L T P C

Total Contact Hours – 75 3 0 2 4

Prerequisite

Computer Networks, Cryptography

PURPOSE

This course provides a comprehensive view of the network security principles and measures to prevent vulnerabilities and security attacks in the networks.

INSTRUCTIONAL OBJECTIVES

1. Understand the basic concepts of networks, networking devices and various attacks possible on networking devices

2. Understand the concept of IP security and architecture

3. Understand the various methods and protocols to maintain E-mail security and web security

4. Understand the various methods of password management and protocols to maintain system security

UNIT I - INTRODUCTION TO NETWORK SECURITY (10 hours)

Networking Devices (Layer 1, 2, 3) – Different types of network layer attacks – Firewall (ACL, Packet Filtering, DMZ, Alerts and Audit Trails) – IDS, IPS and its types (Signature based, Anomaly based, Policy based, Honeypot based).

UNIT II - VIRTUAL PRIVATE NETWORKS (12 hours)

VPN and its types – Tunneling Protocols – Tunnel and Transport Mode – Authentication Header – Encapsulation Security Payload (ESP) – IPSEC Protocol Suite – IKE PHASE I, II – Generic Routing Encapsulation (GRE).

UNIT III - MPLS AND MPLS VPN (10 hours)

WAN Topologies – Standard IP based Switching – CEF based Multi-Layer switching – MPLS Characteristics – Frame Mode MPLS Operation – MPLS VPN.

UNIT IV - E-MAIL SECURITY (6 hours)

Security Services for E-mail – attacks possible through E-mail – establishing keys – privacy – authentication of the source – Message Integrity – Non-repudiation – Pretty Good Privacy – S/MIME.

UNIT V - WEB SECURITY (7 hours)

SSL/TLS Basic Protocol – computing the keys – client authentication – PKI as deployed by SSL – Attacks fixed in v3 – Exportability – Encoding – Secure Electronic Transaction (SET), Kerberos

PRACTICAL (30 hours)

REFERENCES

1. Charlie Kaufman, Radia Perlman, Mike Speciner, “Network Security”, Prentice Hall, 2nd edition, ISBN-10: 0130460192, ISBN-13: 978-0130460196, 2002.

2. Charles Pfleeger, “Security in Computing”, Prentice Hall, 4th Edition, ISBN-10: 0132390779, ISBN-13: 978-01323907744, 2006.

3. Uyless Black, “Internet Security Protocols: Protecting IP Traffic”, Prentice Hall PTR, 1st edition, ISBN-10: 0130142492, ISBN-13: 978-0130142498, 2000.

4. Amir Ranjbar, “CCNP ONT Official Exam Certification Guide”, Cisco Press [ISBN: 978-1-58720-176-3], 2007.

5. Luc De Ghein, “MPLS Fundamentals”, 1st Ed., Cisco Press [ISBN: 978-1-58705-197-5], 2006.

6. William Stallings, “Cryptography and Network Security”, Pearson Education, 6th Edition, ISBN 10: 0133354695, 2013.

IS2004

TCP/IP L T P C

Total Contact Hours – 75 3 0 2 4

Prerequisite

Computer Networks

PURPOSE

TCP/IP is arguably the single most important computer networking technology. The Internet and most home networks support TCP/IP as communication protocol. This course provides a foundation to understand various principles, protocols and design aspects of Computer Network and also helps to achieve the fundamental purpose of computer networks in the form of providing access to shared resources.

INSTRUCTIONAL OBJECTIVES

1. Understand the evolution of computer networks over the period of time using the layered network architecture.

2. Work with client-server sockets and develop applications that communicate with each other.

3. Learn and understand the next generation Internet protocol and also to work with wide area network technologies.

UNIT I - INTRODUCTION TO COMPUTER NETWORKS (6 hours)

Introduction to Layered Architecture (TCP/IP, OSI), Networking Devices, IP addressing, Subnetting, VLSM, CIDR.

UNIT II - NETWORK LAYER PROTOCOLS (12 hours)

Router IOS- Static and Default Routing- Interior Gateway Routing Protocols: RIP V1 & V2, OSPF, EIGRP- Exterior Gateway Routing Protocol: BGP.

UNIT III - TRANSPORT LAYER PROTOCOLS (9 hours)

TCP & UDP datagram and its characteristics, RTP, Flow Control and Error Control Mechanisms, Silly Window Syndrome - Clark’s and Nagle Algorithm - Congestion Control Mechanisms - Token Bucket and Leaky Bucket.

UNIT IV - SOCKET PROGRAMMING (9 hours)

Introduction to socket programming- Concurrent Processing in Client-Server Software-Byte ordering and address conversion functions – Socket Interface - System calls used with sockets - Iterative server and concurrent server- Multi protocol and Multi service server- TCP/UDP Client server programs – Thread Creation and Termination – TCP Echo Server using threads- Remote Procedure Call.

UNIT V - NEXT GENERATION INTERNET PROTOCOL (9 hours)

Introduction to IPv6 – IPv6 Advanced Features – V4 and V6 header comparison – V6 Address types – Stateless auto configuration – IPv6 routing protocols – IPv4-V6 Tunneling and Translation Techniques.

PRACTICAL (30 hours)

REFERENCE BOOKS:

1. Douglas E. Comer, “Internetworking with TCP/IP, Principles, Protocols, and Architecture”, Addison-Wesley, 5th edition, Vol 1, ISBN-10: 0131876716, ISBN-13: 978-0131876712, 2005.

2. Douglas E. Comer, David L. Stevens, “Internetworking with TCP/IP Vol. III, Client-Server Programming and Applications”, Addison-Wesley, 2nd edition, ISBN-10: 013260969X, ISBN-13: 978-0132609692, 2000.

3. Wendell Odom, “CCNP Route 642-902, CCIE”, Official Certification Guide, Pearson Education, 2010.

4. Behrouz A. Forouzan, “Data Communications and Networking”, McGraw-Hill, 5th edition, ISBN-10: 0073376221, ISBN-13: 978-0073376226, 2012.

IS2005

FORENSICS AND INCIDENT RESPONSE L T P C

Total Contact Hours – 75 3 0 2 4

Prerequisite

NIL

PURPOSE

The course focuses on the procedures for identification, preservation, and extraction of electronic evidence, auditing and investigation of network and host system intrusions, analysis and documentation of information gathered, and preparation of expert testimonial evidence. The course will also provide hands on experience on various forensic tools and resources for system administrators and information system security officers.

INSTRUCTIONAL OBJECTIVES

1. Plan and prepare for all stages of an investigation - detection, initial response and management interaction.

2. Investigate web server attacks, DNS attacks and router attacks, and learn the importance of evidence handling and storage.

3. Monitor network traffic and detect illicit servers and covert channels.

UNIT I - INCIDENT AND INCIDENT RESPONSE (9 hours)

Introduction to Incident - Incident Response Methodology – Steps - Activities in Initial Response Phase after detection of an incident.

UNIT II - INITIAL RESPONSE AND FORENSIC DUPLICATION (9 hours)

Initial Response & Volatile Data Collection from Windows system - Initial Response & Volatile Data Collection from Unix system - Forensic Duplication: Forensic Duplicates as Admissible Evidence, Forensic Duplication Tool Requirements, Creating a Forensic Duplicate/Qualified Forensic Duplicate of a Hard Drive.

UNIT III - STORAGE AND EVIDENCE HANDLING (9 hours)

File Systems: FAT, NTFS - Forensic Analysis of File Systems - Storage Fundamentals: Storage Layer, Hard Drives - Evidence Handling: Types of Evidence, Challenges in evidence handling, Overview of evidence handling procedure.

UNIT IV - NETWORK FORENSICS (9 hours)

Collecting Network Based Evidence - Investigating Routers - Network Protocols - Email Tracing - Internet Fraud.

UNIT V - SYSTEMS INVESTIGATION AND ETHICAL ISSUES (9 hours)

Data Analysis Techniques - Investigating Live Systems (Windows & Unix) - Investigating Hacker Tools - Ethical Issues - Cybercrime.

PRACTICAL (30 hours)

REFERENCES

1. Kevin Mandia, Chris Prosise, “Incident Response and Computer Forensics”, Tata McGraw-Hill, 2006.

2. Peter Stephenson, “Investigating Computer Crime: A Handbook for Corporate Investigations”, Sept 1999.

3. Eoghan Casey, "Handbook Computer Crime Investigation's Forensic Tools and Technology", Academic Press, 1st Edition, 2001.

4. Skoudis E., Perlman R., “Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses”, Prentice Hall Professional Technical Reference, 2001.

5. Norbert Zaenglein, “Disk Detective: Secret You Must Know to Recover Information From a Computer”, Paladin Press, 2000.

6. Bill Nelson, Amelia Philips and Christopher Steuart, “Guide to Computer Forensics and Investigations”, Course Technology, Cengage Learning, 4th edition, ISBN: 1-435-49883-6, 2009.

SEMESTER III

IS2047 SEMINAR L T P C

0 0 1 1

PURPOSE

Seminar is one of the important components for the engineering graduates to exhibit and expose their knowledge in their field of interest. It also gives a platform for the students to innovate and express their ideas in front of future engineering graduates and professionals.

INSTRUCTIONAL OBJECTIVES

1. To make a student study and present a seminar on a topic of current relevance in Information Technology or related fields.

2. Enhancing the debating capability of the student while presenting a seminar on a technical topic.

3. Training a student to face the audience and freely express and present his ideas without any fear and nervousness, thus creating self-confidence and courage which are essentially needed for an Engineer.

GUIDELINES:

1. Each student is expected to give a seminar on a topic of current relevance in IT/Related field within a semester.

2. Students have to refer to published papers from standard journals.

3. The seminar report must not be the reproduction of the original papers but it can be used as reference.

ASSESSMENT:

Assessment will be done according to university regulation.

IS2049

IS2050

L T P C

PROJECT WORK PHASE I (III semester) 0 0 12 6

PROJECT WORK PHASE II (IV semester) 0 0 32 16

PURPOSE

To undertake research in an area related to the program of study

INSTRUCTIONAL OBJECTIVE

The student shall be capable of identifying a problem related to the program of study and carry out wholesome research on it leading to findings which will facilitate development of a new/improved product, process for the benefit of the society.

M.Tech projects should be socially relevant and research oriented ones. Each student is expected to do an individual project. The project work is carried out in two phases – Phase I in III semester and Phase II in IV semester. Phase II of the project work shall be in continuation of Phase I only. At the completion of a project the student will submit a project report, which will be evaluated (end semester assessment) by duly appointed examiner(s). This evaluation will be based on the project report and a viva voce examination on the project. The method of assessment for both Phase I and Phase II is shown in the following table:

Assessment Tool Weightage

In-semester I review 10%

In-semester II review 15%

In-semester III review 35%

End semester Final viva voce examination 40%

Student will be allowed to appear in the final viva voce examination only if he / she has submitted his / her project work in the form of paper for presentation / publication in a conference / journal and produced the proof of acknowledgement of receipt of paper from the organizers / publishers.

SUPPORTIVE COURSE

MA2019

NUMBER THEORY L T P C

Total Contact Hours:45 3 0 0 3

Pre-requisite

Knowledge of basic algebra is preferred

PURPOSE

To familiarize the students with the applied mathematical methods that can be used for solving problems in solar energy applications.

INSTRUCTIONAL OBJECTIVES

1. Gain an appreciation of the importance and beauty of the basic ideas in elementary number theory.

2. Develop and improve problem solving skills.

3. Develop basic understanding of the concepts in prime numbers, congruence, quadratic reciprocity and number theory algorithms.

UNIT I - PRIME NUMBERS AND DIVISIBILITY (9 hours)

Divisibility in integers, G.C.D, L.C.M – prime numbers – prime factorization – Fundamental theorem of arithmetic – Euclidean division algorithm – Fermat numbers.

UNIT II - ARITHMETICAL FUNCTIONS (9 hours)

The Mobius function µ(n) – divisor sum formula for µ(n) – The Euler totient function φ(n) – divisor sum formula for φ(n) – A relation connecting µ and φ – A product formula for φ(n) – properties of φ(n) – Multiplicative functions – completely multiplicative function.

UNIT III – CONGRUENCES (9 hours)

Basic properties – Residue classes and complete residue systems – linear congruences – Reduced residue systems and Euler Fermat theorem – Simultaneous linear congruences – The Chinese remainder theorem.

UNIT IV - PRIMITIVE ROOTS (9 hours)

Primitive roots and reduced residue system – Non existence of p-roots mod $2^{\alpha}$ ($\alpha \ge 3$) – existence of p-roots mod p for odd primes p – Existence of p-root mod $p^{\alpha}$ – p-root mod $2p^{\alpha}$ – Non existence of p-roots in other cases.

UNIT V - QUADRATIC RECIPROCITY AND ELLIPTIC CURVES (9 hours)

Quadratic Residues – Legendre’s symbol and its properties – Evaluation of (-1 | p) and (2 | p) – Gauss’ lemma – The Quadratic Reciprocity law – Applications – The Jacobi symbol – continued fractions – elliptic curves –applications.

REFERENCES:

1. A. Jones & M. Jones, “Elementary Number Theory”, Springer publications, 1998.

2. William Stein, “Elementary Number Theory”, Springer, 2009.

3. Tom M. Apostol, “Introduction to Analytic Number Theory”, Springer International Student Edition, Narosa Publishing House, New Delhi, 1998.

4. David M. Burton, “Elementary Number Theory”, McGraw Hill Science, sixth edition, 2006.

L T P C

INTERDISCIPLINARY ELECTIVE 3 0 0 3

Total Contact Hours - 45

Students to choose one Elective course from the list of Post Graduate courses specified under the Faculty of Engineering and Technology other than courses under M.Tech (ISCF) curriculum either in I, II or III semester

PROGRAM ELECTIVES

IS2101

APPLIED CRYPTOLOGY L T P C

Total contact hours – 45 3 0 0 3

Prerequisite

Cryptography, Network Security

PURPOSE

The course provides an overview of the various encryption techniques, how to use them to protect the data.

INSTRUCTIONAL OBJECTIVES

1. Understand basic encryption methods and algorithms, the strengths and weaknesses of encryption algorithms.

2. Understand encryption key exchange and management

3. Understand how to deploy encryption techniques to secure data stored on computer systems.

4. Understand how to deploy encryption techniques to secure data in transit across data networks and also to demonstrate best practice deployment of cryptographic technologies.

UNIT I - INTRODUCTION (9 hours)

Foundations – Protocol Building Blocks - Basic Protocols - Intermediate Protocols – Advanced Protocols - Zero-Knowledge Proofs - Zero-Knowledge Proofs of Identity -Blind Signatures - Identity-Based Public-Key Cryptography - Oblivious Transfer - Oblivious Signatures – Esoteric Protocols

UNIT II – KEY MANAGEMENT (9 hours)

Key Length - Key Management - Electronic Codebook Mode - Block Replay - Cipher Block Chaining Mode - Stream Ciphers - Self-Synchronizing Stream Ciphers - Cipher-Feedback Mode - Synchronous Stream Ciphers - Output-Feedback Mode - Counter Mode - Choosing a Cipher Mode - Interleaving - Block Ciphers versus Stream Ciphers - Choosing an Algorithm - Public-Key Cryptography versus Symmetric Cryptography - Encrypting Communications Channels - Encrypting Data for Storage - Hardware Encryption versus Software Encryption - Compression, Encoding, and Encryption - Detecting Encryption - Hiding and Destroying Information.

UNIT III - NUMBER THEORY (9 hours)

Information Theory - Complexity Theory - Number Theory - Factoring - Prime Number Generation - Discrete Logarithms in a Finite Field - Data Encryption Standard (DES) - Lucifer - Madryga - NewDES - GOST - 3 Way - Crab - RC5 - Double Encryption - Triple Encryption - CDMF Key Shortening - Whitening.

UNIT IV - ANALYSIS OF AUTHENTICATION MECHANISMS (9 hours)

Pseudo-Random-Sequence Generators and Stream Ciphers – RC4 - SEAL - Feedback with Carry Shift Registers - Stream Ciphers Using FCSRs - Nonlinear-Feedback Shift Registers -System-Theoretic Approach to Stream-Cipher Design - Complexity-Theoretic Approach to Stream-Cipher Design - N- Hash - MD4 - MD5 - MD2 - Secure Hash Algorithm (SHA) - One- Way Hash Functions Using Symmetric Block Algorithms - Using Public-Key Algorithms - Message Authentication Codes.

UNIT V – ANALYSIS OF MODERN CRYPTOSYSTEMS (9 hours)

RSA - Pohlig-Hellman - McEliece - Elliptic Curve Cryptosystems - Digital Signature Algorithm (DSA) - GOST Digital Signature Algorithm - Discrete Logarithm Signature Schemes - Ong-Schnorr-Shamir - Cellular Automata - Feige-Fiat-Shamir - Guillou-Quisquater - Diffie-Hellman - Station-to-Station Protocol - Shamir’s Three-Pass Protocol - IBM Secret-Key Management Protocol - MITRENET - Kerberos - IBM Common Cryptographic Architecture.

REFERENCES

1. Bruce Schneier, “Applied Cryptography: Protocols, Algorithms, and Source Code in C” , John Wiley & Sons, Inc, 2nd Edition, 1996.

2. Wenbo Mao, “Modern Cryptography Theory and Practice”, Pearson Education, 2004

3. Atul Kahate, “Cryptography and Network Security”, Tata McGraw Hill, 2003.

4. William Stallings, “Cryptography and Network Security”, 3rd Edition, Pearson Education, 2003.

IS2102

PRINCIPLES OF SECURE CODING L T P C

Total Contact Hours – 60 2 0 2 3

Prerequisite

Knowledge of Programming is preferred

PURPOSE

Commonly exploited software vulnerabilities are usually caused by avoidable software defects. Overcoming these defects during the process of development of software leads to secure coding practices. So, the purpose of this course is to identify, explain and demonstrate the problems in insecure coding practices and methods to rectify the same.

INSTRUCTIONAL OBJECTIVES

1. Understand the need for secure coding and proactive development process

2. Explain and demonstrate secure coding practices

3. Learn input issues related to database and web and fundamental principles of software security engineering

UNIT I - INTRODUCTION (6 hours)

Need for secure systems - Proactive security development process - Security principles to live by and threat modeling.

UNIT II - SECURE CODING IN C (6 hours)

Character strings - String manipulation errors – String Vulnerabilities and exploits – Mitigation strategies for strings - Pointers – Mitigation strategies in pointer based vulnerabilities – Buffer Overflow based vulnerabilities.

UNIT III - SECURE CODING IN C++ AND JAVA (6 hours)

Dynamic memory management - Common errors in dynamic memory management - Memory managers - Double-free vulnerabilities – Integer security - Mitigation strategies.

UNIT IV - DATABASE AND WEB SPECIFIC INPUT ISSUES (6 hours)

Quoting the Input – Use of stored procedures- Building SQL statements securely- XSS related attacks and remedies.

UNIT V – SOFTWARE SECURITY ENGINEERING (6 hours)

Requirements engineering for secure software: Misuse and abuse cases - SQUARE process model - Software security practices and knowledge for architecture and design.

PRACTICAL (30 hours)

REFERENCES

1. Michael Howard, David LeBlanc, “Writing Secure Code”, Microsoft Press, 2nd Edition, 2003.

2. Robert C. Seacord, “Secure Coding in C and C++”, Pearson Education, 2nd edition, 2013.

3. Julia H. Allen, Sean J. Barnum, Robert J. Ellison, Gary McGraw, Nancy R. Mead, “Software Security Engineering: A guide for Project Managers”, Addison-Wesley Professional, 2008.

IS2103

MOBILE AND DIGITAL FORENSICS L T P C

Total Contact Hours – 45 3 0 0 3

Prerequisite

Knowledge of Forensics and Incident response is preferred

PURPOSE

The use of mobile phones and digital devices across the globe has increased dramatically. These devices are more susceptible to information security attacks, and they also hold a large amount of evidence that can be used during crime scene investigation. This makes a course on mobile and digital forensics essential for security professionals. The course gives participants a better understanding of the different forms of evidence found in digital devices and of how to collect and interpret it.

INSTRUCTIONAL OBJECTIVES

1. Understand the basics of wireless technologies and security.

2. Become knowledgeable in mobile phone forensics and android forensics.

3. Learn the methods of investigation using digital forensic techniques.

UNIT – I – INTRODUCTION TO WIRELESS TECHNOLOGIES (9 hours)

Overview of wireless technologies and security: Personal Area Networks, Wireless Local Area Networks, Metropolitan Area Networks, Wide Area Networks. Wireless threats, vulnerabilities and security: Wireless LANs, War Driving, War Chalking, War Flying, Common Wi-Fi security recommendations, PDA Security, Cell Phones and Security, Wireless DoS attacks, GPS Jamming, Identity theft.

UNIT - II – SECURITY FRAMEWORK FOR MOBILE SYSTEMS (9 hours)

CIA triad in mobile phones-Voice, SMS and Identification data interception in GSM: Introduction, practical setup and tools, implementation- Software and Hardware Mobile phone tricks: Netmonitor, GSM network service codes, mobile phone codes, catalog tricks and AT command set- SMS security issues.

UNIT - III - MOBILE PHONE FORENSICS (12 hours)

Crime and mobile phones, evidences, forensic procedures, files present in SIM card, device data, external memory dump, evidences in memory card, operators systems - Android forensics: Procedures for handling an android device, imaging android USB mass storage devices, logical and physical techniques.

UNIT - IV – INTRODUCTION TO DIGITAL FORENSICS (7 hours)

Digital forensics: Introduction – Evidential potential of digital devices: closed vs. open systems, evaluating digital evidence potential- Device handling: seizure issues, device identification, networked devices and contamination.

UNIT - V – ANALYSIS OF DIGITAL FORENSIC TECHNIQUES (8 hours)

Digital forensics examination principles: Previewing, imaging, continuity, hashing and evidence locations- Seven element security model- developmental model of digital systems- audit and logs- Evidence interpretation: Data content and context.

REFERENCES

1. Gregory Kipper, “Wireless Crime and Forensic Investigation”, Auerbach Publications, 2007.

2. Iosif I. Androulidakis, “Mobile phone security and forensics: A practical approach”, Springer publications, 2012.

3. Andrew Hoog, “Android Forensics: Investigation, Analysis and Mobile Security for Google Android”, Elsevier publications, 2011.

4. Angus M. Marshall, “Digital forensics: Digital evidence in criminal investigation”, John Wiley and Sons, 2008.

IS2104

MOBILE AND WIRELESS SECURITY L T P C

Total Contact Hours – 45 3 0 0 3

Prerequisite

TCP/IP, Principles of Network Security

PURPOSE

The course deals with the security and privacy problems in the realm of wireless networks and mobile computing. The subject is useful to researchers working in the fields of mobile and wireless security and privacy and to graduate students seeking new areas to perform research.

INSTRUCTIONAL OBJECTIVES

1. Gain in-depth knowledge on wireless and mobile network security and its relation to the new security based protocols.

2. Apply proactive and defensive measures to counter potential threats, attacks and intrusions.

3. Design secured wireless and mobile networks that optimise accessibility whilst minimising vulnerability to security risks.

UNIT I - INTRODUCTION (5 hours)

Security and Privacy for Mobile and Wireless Networks: Introduction- State of the Art- Areas for Future Research- General Recommendation for Research. Pervasive Systems: Enhancing Trust Negotiation with Privacy Support: Trust Negotiation- Weakness of Trust Negotiation- Extending Trust Negotiation to Support Privacy

UNIT II - MOBILE SECURITY (10 hours)

Mobile system architectures, Overview of mobile cellular systems, GSM and UMTS Security & Attacks, Vulnerabilities in Cellular Services, Cellular Jamming Attacks & Mitigation, Security in Cellular VoIP Services, Mobile application security.

UNIT III - SECURING WIRELESS NETWORKS (10 hours)

Overview of Wireless security, Scanning and Enumerating 802.11 Networks, Attacking 802.11 Networks, Attacking WPA protected 802.11 Networks, Bluetooth Scanning and Reconnaissance, Bluetooth Eavesdropping, Attacking and Exploiting Bluetooth, Zigbee Security, Zigbee Attacks

UNIT IV - ADHOC NETWORK SECURITY (9 hours)

Security in Ad Hoc Wireless Networks, Network Security Requirements, Issues and Challenges in Security Provisioning, Network Security Attacks, Key Management in Adhoc Wireless Networks, Secure Routing in Adhoc Wireless Networks

UNIT V - RFID SECURITY (11 hours)

Introduction, RFID Security and privacy, RFID chips Techniques and Protocols, RFID anti-counterfeiting, Man-in-the-middle attacks on RFID systems, Digital Signature Transponder, Combining Physics and Cryptography to Enhance Privacy in RFID Systems, Scalability Issues in Large-Scale Applications, An Efficient and Secure RFID Security Method with Ownership Transfer, Policy-based Dynamic Privacy Protection Framework leveraging Globally Mobile RFIDs, User-Centric Security for RFID based Distributed Systems, Optimizing RFID protocols for Low Information Leakage, RFID: an anti-counterfeiting tool.

REFERENCES

1. Kia Makki, Peter Reiher, “Mobile and Wireless Network Security and Privacy”, Springer, ISBN 978-0-387-71057-0, 2007.

2. C. Siva Ram Murthy, B.S. Manoj, “Adhoc Wireless Networks Architectures and Protocols”, Prentice Hall, ISBN 9788131706885, 2007.

3. Noureddine Boudriga, “Security of Mobile Communications”, ISBN 9780849379413, 2010.

4. Kitsos, Paris; Zhang, Yan, “RFID Security Techniques, Protocols and System-On-Chip Design”, ISBN 978-0-387-76481-8, 2008.

5. Johny Cache, Joshua Wright and Vincent Liu, “Hacking Wireless Exposed: Wireless Security Secrets & Solutions”, second edition, McGraw Hill, ISBN: 978-0-07-166662-6, 2010.

IS2105

INTERACTIVE PROGRAMMING WITH PYTHON L T P C

Total Contact Hours – 60 2 0 2 3

Prerequisite

Web systems and Network security

PURPOSE

This course will help the students to gain mastery over Python scripting and its application to problems in computer and network security. This course is ideal for penetration testers, security enthusiasts and network administrators who want to learn to automate tasks or go beyond just using readymade tools.

INSTRUCTIONAL OBJECTIVES

1. Acquire fundamental knowledge on the concepts of python scripting.

2. Understand the system and network security programming.

3. Acquire knowledge on developing web servers and clients.

4. Understand various exploitation techniques.

UNIT-I - INTRODUCTION TO PYTHON (6 hours)

Introduction to Interpreted Languages and Python - Data Types and variables - Operators and Expressions - Program Structure and Control - Functions and Functional Programming - Classes, Objects and other OOPS concepts.

UNIT-II - SYSTEM PROGRAMMING AND SECURITY (6 hours)

I/O in Python - File and Directory Access - Multithreading and Concurrency - Inter Process Communication (IPC) - Permissions and Controls

UNIT-III - NETWORK SECURITY PROGRAMMING (6 hours)

Raw Socket basics - Socket Libraries and Functionality - Programming Servers and Clients - Programming Wired and Wireless Sniffers - Programming arbitrary packet injectors - PCAP file parsing and analysis.

UNIT-IV - WEB APPLICATION SECURITY (6 hours)

Web Servers and Client scripting - Web Application Fuzzers - Scraping Web Applications – HTML and XML file analysis - Web Browser Emulation - Attacking Web Services - Application Proxies and Data Mangling - Automation of attacks such as SQL Injection, XSS etc.

UNIT-V - EXPLOITATION TECHNIQUES (6 hours)

Exploit Development techniques - Immunity Debuggers and Libs - Writing plugins in Python - Binary data analysis - Exploit analysis Automation.

PRACTICAL (30 hours)

REFERENCES

1. Mike Dawson, “More Python programming for Absolute Beginner”, Cengage Learning PTR; 3rd edition, ISBN-10: 1435455002, ISBN-13: 978-14354550092, 2010.

2. Mark Lutz, “Python Pocket reference”, O'Reilly Media; 4th edition, ISBN-10: 0596158084, ISBN-13: 978-0596158088, 2009.

IS2106

MALWARE ANALYSIS L T P C

Total Contact Hours – 60 2 0 2 3

Prerequisite

Network Security

PURPOSE

The purpose is to understand the purpose of malware and to work with examples of famous viruses and worms.

INSTRUCTIONAL OBJECTIVES

1. To understand the purpose of computer infection program.

2. To implement the covert channel and mechanisms.

3. To test and exploit various malware in open source environment.

4. To analyze and design the famous viruses and worms.

UNIT I - INTRODUCTION (6 hours)

Computer Infection Program - Life cycle of malware - Virus nomenclature - Worm nomenclature - Tools used in computer virology.

UNIT II - IMPLEMENTATION OF COVERT CHANNEL (6 hours)

Non self-reproducing Malware - Working principle of Trojan Horse - Implementation of Remote access and file transfer - Working principle of Logical Bomb - Case Study: Conficker C worm.

UNIT III - VIRUS DESIGN AND ITS IMPLICATIONS (6 hours)

Virus components - Function of replicator, concealer and dispatcher - Trigger Mechanisms - Testing virus codes - Case Study: Brute force logical bomb.

UNIT IV - MALWARE DESIGN USING OPEN SOURCE (6 hours)

Computer Virus in Interpreted programming language - Designing Shell bash virus under Linux - Fighting over infection - Anti-antiviral fighting – Polymorphism - Case study: Companion virus.

UNIT V - VIRUS AND WORM ANALYSIS (6 hours)

Klez Virus - Clone Virus - Doom Virus - Black wolf worm - Sasser worm - Happy worm 99.

PRACTICAL (30 hours)

REFERENCES

1. Eric Filiol, “Computer Viruses: from theory to applications”, Springer, 1st edition, ISBN 10: 2-287-23939-1, 2005.

2. Mark A. Ludwig, “The Giant black book of computer viruses”, CreateSpace Independent Publishing Platform, 2nd edition, ISBN 10: 144140712X, 2009.

IS2107

PENETRATION TESTING AND VULNERABILITY ASSESSMENT L T P C

Total Contact Hours – 60 2 0 2 3

Prerequisite

Network Security

PURPOSE

The purpose is to understand the methodologies and techniques used for penetrating a machine using tools.

INSTRUCTIONAL OBJECTIVES

1. To identify security vulnerabilities and weaknesses in the target applications.

2. To identify how security controls can be improved to prevent hackers gaining access to operating systems and networked environments.

3. To test and exploit systems using various tools.

4. To understand the impact of hacking in real time machines.

UNIT I - INTRODUCTION (6 hours)

Ethical Hacking terminology - Five stages of hacking - Vulnerability Research - Legal implication of hacking - Impact of hacking.

UNIT II - FOOT PRINTING & SOCIAL ENGINEERING (6 hours)

Information gathering methodologies- Competitive Intelligence- DNS Enumerations- Social Engineering attacks.

UNIT III - SCANNING & ENUMERATION (6 hours)

Port Scanning - Network Scanning - Vulnerability Scanning - NMAP scanning tool - OS Fingerprinting - Enumeration.

UNIT IV - SYSTEM HACKING (6 hours)

Password cracking techniques- Key loggers- Escalating privileges- Hiding Files- Steganography technologies- Countermeasures.

UNIT V - SNIFFERS & SQL INJECTION (6 hours)

Active and passive sniffing- ARP Poisoning- Session Hijacking- DNS Spoofing- Conduct SQL Injection attack - Countermeasures.

PRACTICAL (30 hours)

REFERENCES

1. Kimberly Graves, “CEH: Official Certified Ethical Hacker Review Guide”, Wiley Publishing Inc., ISBN: 978-0-7821-4437-6, 2007.

2. Shakeel Ali & Tedi Heriyanto, “Backtrack -4: Assuring security by penetration testing”, PACKT Publishing, ISBN: 978-1-849513-94-4, 2011.

IS2108

COMPUTER AND INFORMATION SECURITY MANAGEMENT L T P C

Total Contact Hours – 45 3 0 0 3

Pre-requisite

Knowledge of TCP/IP, Cryptography and Network security is preferred

PURPOSE

The ubiquity of computers and the internet in human life has created the chance, motive and means to do harm. With such dangers in front of us, it becomes necessary for security professionals to learn how to manage computer and information security. Hence this course provides methods to develop a new framework for information security, together with an overview of security risk assessment and management and of security planning in an organization.

INSTRUCTIONAL OBJECTIVES

1. Understand the myths of information security management and methods to develop new frameworks for information security.

2. Understand the fundamentals of information security risk assessments.

3. Become knowledgeable in the area of security management planning and configuration management.

UNIT I - MYTHS OF INFORMATION SECURITY MANAGEMENT (6 hours)

The big picture-Learning from experience-Weaknesses in Information Security-The extent of crime in cyberspace- The cyberspace crimoid syndrome-Policies and technologies- A new framework for information security.

UNIT II - INFORMATION SECURITY ASSESSMENTS (9 hours)

Risk assessment-Richard Baskerville’s risk assessment methodology- Generations of risk assessment techniques- Quantitative approach to risk assessment-Problems with Quantitative approach – NIST ALE- Baseline approach.

UNIT III - SECURITY MANAGEMENT CONCEPTS AND PRINCIPLES (9 hours)

Measuring ROI on security- Security patch management- Purposes of Information Security management- The building blocks of information security- Human side of information security-Security management- Securing new information technology.

UNIT IV - CONFIGURATION MANAGEMENT (11 hours)

Overview of SSE CMM- SSE CMM relationship to other initiatives- Capability levels- Security Engineering- Security Engineering process overview- Basic process areas- Configuration management- Base practices- Establish configuration management.

UNIT V - SECURITY MANAGEMENT PLANNING (10 hours)

Maintaining information security during downsizing- Business case for Information Security- Information Security Management in healthcare industry- Protecting high tech trade secrets- Outsourcing Security.

REFERENCES

1. Donn Parker, “Fighting Computer Crime: A New Framework for Protecting Information”, John Wiley & Sons, 2003.

2. Micki Krause, Harold F. Tipton, “Information Security Management Handbook”, Auerbach Publications, 2012.

IS2109

RISK ASSESSMENT & SECURITY AUDIT L T P C

Total Contact Hours – 45 3 0 0 3

Prerequisite

Nil

PURPOSE

The purpose is to understand the risk assessment while handling and processing information and implementing security in audit.

INSTRUCTIONAL OBJECTIVES

1. To gain the knowledge about Information Risk.

2. To gain knowledge of collecting data about an organization.

3. To do various analysis on Information Risk Assessment.

4. To understand IT audit and its activities.

UNIT I - INTRODUCTION (9 hours)

What is Risk? – Information Security Risk Assessment Overview - Drivers, Laws and Regulations - Risk Assessment Framework – Practical Approach.

UNIT II - DATA COLLECTION (9 hours)

The Sponsors- The Project Team- Data Collection Mechanisms- Executive Interviews- Document Requests- IT Assets Inventories- Profile & Control Survey- Consolidation.

UNIT III - DATA ANALYSIS (9 hours)

Compiling Observations- Preparation of catalogs- System Risk Computation- Impact Analysis Scheme- Final Risk Score.

UNIT IV - RISK ASSESSMENT (9 hours)

System Risk Analysis- Risk Prioritization- System Specific Risk Treatment- Issue Registers- Methodology- Result- Risk Registers- Post Mortem.

UNIT V - SECURITY AUDIT PROCESS (9 hours)

Pre-planning audit- Audit Risk Assessment- Performing Audit- Internal Controls- Audit Evidence- Audit Testing- Audit Finding- Follow-up activities.

REFERENCES

1. Mark Talabis, “Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis”, Syngress; 1 edition, ISBN: 978-1-59749-735-0, 2012.

2. David L. Cannon, “CISA Certified Information Systems Auditor Study Guide”, John Wiley & Sons, ISBN: 978-0-470-23152-4, 2009.

IS2110

STORAGE MANAGEMENT & SECURITY L T P C

Total Contact Hours – 45 3 0 0 3

Prerequisite

Nil

PURPOSE

The purpose is to understand how information is managed in storage systems and how security is implemented effectively on these platforms.

INSTRUCTIONAL OBJECTIVES

1. To explain the basic information storage and retrieval concepts.

2. To understand the issues that are specific to efficient information retrieval.

3. To design and implement a small to medium size information storage and retrieval system.

4. To implement security issues while storing and retrieving information.

UNIT – I – INTRODUCTION TO STORAGE SYSTEMS (9 hours)

Storage System - Introduction to Information Storage and Management, Storage System Environment, Data Protection: RAID, Intelligent Storage System.

UNIT – II – STORAGE AREA NETWORKING (9 hours)

Storage Networking Technologies and Virtualization, Storage Networks, Network Attached Storage, IP SAN, Content Addressed Storage, Storage Virtualization.

UNIT – III - BACKUP AND RECOVERY MECHANISMS (9 hours)

Introduction to Business Continuity, Backup and Recovery, Local Replication, Remote Replication.

UNIT – IV – STORAGE SECURITY (9 hours)

Securing the storage Infrastructure, Storage Security Framework, Risk Triad, Storage Security Domains, Security Implementation in Storage Networking.

UNIT – V – STORAGE INFRASTRUCTURE MANAGEMENT (9 hours)

Managing the Storage Infrastructure, Monitoring the Storage Infrastructure, Storage Management Activities, Developing an Ideal Solution, Concepts in Practice.

REFERENCES:

1. Information Storage and Management, “Storing, Managing, and Protecting Digital Information”, Wiley; 1 edition, EMC Corporation, 2009.

2. John Chirillo, Scott Blaul, “Storage Security: Protecting SAN, NAS and DAS”, Wiley Publishers, 2003.

3. David Alexander, Amanda French, David Sutton, “Information Security Management Principles”, The British Computer Society, 2008.

IS2111

CLOUD ARCHITECTURES AND SECURITY L T P C

Total Contact Hours – 60 2 0 2 3

Pre-requisite

Knowledge of TCP/IP, Cryptography and Network security is preferred

PURPOSE

Cloud computing has drawn the attention of many business organizations and ordinary computer users in the recent past. The security aspects of cloud computing have always been subject to much criticism. Hence it is important for any security professional to understand the cloud architecture and the methods to secure it. This fact demonstrates the need for the course.

INSTRUCTIONAL OBJECTIVES

1. Understand the fundamentals of cloud computing.

2. Understand the requirements for an application to be deployed in a cloud.

3. Become knowledgeable in the methods to secure cloud.

UNIT – I- CLOUD COMPUTING FUNDAMENTALS (4 hours)

Cloud Computing definition, private, public and hybrid cloud. Cloud types; IaaS, PaaS, SaaS. Benefits and challenges of cloud computing, public vs private clouds, role of virtualization in enabling the cloud; Business Agility: Benefits and challenges to Cloud architecture.

UNIT – II - CLOUD APPLICATIONS (6 hours)

Technologies and the processes required when deploying web services - Deploying a web service from inside and outside a cloud architecture, advantages and disadvantages - Development environments for service development; Amazon, Azure, Google App.

UNIT – III – SECURING THE CLOUD (5 hours)

Security Concepts - Confidentiality, privacy, integrity, authentication, non-repudiation, availability, access control, defence in depth, least privilege - how these concepts apply in the cloud and their importance in PaaS, IaaS and SaaS, e.g. user authentication in the cloud.

UNIT - IV – VIRTUALIZATION SECURITY (7 hours)

Multi-tenancy Issues: Isolation of users/VMs from each other- How the cloud provider can provide this- Virtualization System Security Issues: e.g. ESX and ESXi Security, ESX file system security- storage considerations, backup and recovery- Virtualization System Vulnerabilities.

UNIT - V - CLOUD SECURITY MANAGEMENT (8 hours)

Security management in the cloud – security management standards- SaaS, PaaS, IaaS availability management- access control- Data security and storage in cloud.

PRACTICAL (30 hours)

REFERENCES

1. Gautam Shroff, “Enterprise Cloud Computing Technology Architecture Applications”, Cambridge University Press; 1 edition [ISBN: 978-0521137355], 2010.

2. Toby Velte, Anthony Velte, Robert Elsenpeter, “Cloud Computing, A Practical Approach”, Tata McGraw-Hill Osborne Media; 1 edition 22, [ISBN: 0071626948], 2009.

3. Tim Mather, Subra Kumaraswamy, Shahed Latif, “Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance”, O'Reilly Media; 1 edition, [ISBN: 0596802765], 2009.

4. Ronald L. Krutz, Russell Dean Vines, “Cloud Security”, Wiley [ISBN: 0470589876], 2010.

IS2112

CYBER LAW L T P C

Total contact hours – 45 3 0 0 3

Prerequisite

Nil

PURPOSE

The purpose is to understand the basics of cyber law and its related issues.

INSTRUCTIONAL OBJECTIVES

1. To explain the basic information on cyber security.

2. To understand the issues that are specific to amendment rights.

3. To have knowledge of copyright issues of software.

4. To understand ethical laws of computer for different countries.

UNIT I - FUNDAMENTALS OF CYBER SECURITY (9 hours)

Introduction - Cyber Security and its problem - Intervention Strategies: Redundancy, Diversity and Autarchy.

UNIT II – ISSUES IN CYBER SECURITY (9 hours)

Private ordering solutions, Regulation and Jurisdiction for global Cyber security, Copy Right-source of risks, Pirates, Internet Infringement, Fair Use, postings, criminal liability, First Amendments, Data Loss.

UNIT III – INTELLECTUAL PROPERTY RIGHTS (9 hours)

Copy Right-Source of risks, Pirates, Internet Infringement, Fair Use, postings, Criminal Liability, First Amendments, Losing Data, Trademarks, Defamation, Privacy-Common Law Privacy, Constitutional law, Federal Statutes, Anonymity, Technology expanding privacy rights.

UNIT IV - PROCEDURAL ISSUES (9 hours)

Duty of Care, Criminal Liability, Procedural issues, Electronic Contracts & Digital Signatures, Misappropriation of information, Civil Rights, Tax, Evidence.

UNIT V - LEGAL ASPECTS OF CYBER SECURITY (9 hours)

Ethics, Legal Developments, Late 1990 to 2000, Cyber security in Society, Security in cyber laws case studies, General law and Cyber Law-a Swift Analysis.

REFERENCES:

1. Jonathan Rosenoer,“Cyber Law: The law of the Internet”, Springer-Verlag, 1997.

2. Mark F Grady, Francesco Parisi, “The Law and Economics of Cyber Security”, Cambridge University Press, 2006.

AMENDMENTS

S.No. Details of Amendment Effective from Approval with date