|
|
510105 Elective-II
510105A Information and Network Security
Teaching Scheme Examination Scheme
Lectures: 3hrs/week Theory: 100 Marks
Total Credits : 03
1. Introduction
Management of malicious intent, threat scenarios, critical infrastructures, security targets
and policies, security mechanisms, examples of applications and their different security
requirements, multi-lateral security, privacy and data protection, computer misuse legislation,
Operating system and network security. Cyber laws.
2. Security Models
Military and civil security, vulnerability and threat models, End-end security (COMSEC), link
encryption (TRANSEC), compartments. Privacy. Authentication. Denial of service. Nonrepudiation.
Overview of private-key and public-key cryptographic algorithms: DES, RSA.
Encapsulation. Encryption principles. Issues in multi-level secure systems.
Internet security models: IPv4/IPv6 encapsulation header
3. Security Policies and Design Guidelines
Policies: Policy creation, Regularity considerations, Privacy regulations. Security: Infrastructure
and components. Design Guidelines. Authentication: Authorization and accounting. Physical and
logical access control. User authentication: Biometric devices.
4. Network Layer Security
Routing algorithm vulnerabilities: route and sequence number spoofing, instability and resonance
effects. Information hiding: DMZ networks, route aggregation and segregation
ICMP redirect hazard: denial of service. ARP hazard: phantom sources, ARP explosions and slow
links. Defending against Chernobyl packets and meltdown. Fragmentation vulnerabilities and
remedies: (ICMP Echo overrun)
5. Transport and Application Layer Security
Techniques for - fault detection, isolation and repair. Secure network infrastructure services:
DNS, NTP, SNMP, Privacy enhanced mail (PEM), Secure binding of multimedia streams, Secure
RTP. Secure RSVP. Mobile systems: Address Export and re-use. Session key management:
Blind-key cryptosystems (NTP).
6. Firewalls
Network partitioning, firewall platforms, partitioning models and methods, Secure SNMP, Secure
routing interoperability: virtual networks (DARTnet/CAIRN). Transparent and opaque network
services. Source masking and hidden channels.
7. Key and Certificate Management
Secure binding of public and private values: DNS certificates. Making and distributing key
media: randomization, lifetime issues. Key agreement protocols: STS protocol and IETF work
orders. Key Escrow: the Clipper chip. One-time passwords: schemes based on S/KEY, PKI
components and Applications. Exploiting diversity and redundancy: Byzantine generals. Timestamping
and reliable ordering of events: NTP. Consensus and agreement protocols.
13
8. Security in Wireless Networks
How it is different, Methods and procedures, MIN/ESN, shared secret data authentication, Token
based, public key based.
Reference Books:
1. Stallings, W., “Cryptography and Network Security: Theory and Practice”, Second
Edition, John Wiley
2. Schneier, B., “Applied Cryptography - Protocols, Algorithms, and Source Code in C”,
Second Edition. John Wiley and Sons, 1995
3. Stinson D., “Cryptography - Theory and Practice”, CRC Press, Boca Raton, FA, 1995
4. Stein L., “Web Security: A Step-by-Step Reference Guide”, Addison Wesley Longman,
Inc., 1998
5. Gollmann, D., “Computer Security”, Wiley, 1999
6. Anderson R., “Security Engineering: A Guide to Building Dependable Distributed
Systems”, Wiley
7. Cheswick W., Bellovin S., ”Firewalls and Internet Security: Repelling the Wily Hacker”,
2nd ed., Addison-Wesley
8. Garfinkel S., Spafford G., “Practical Unix and Internet Security”, O'Reilly
9. Amoroso E., “Fundamentals of Computer Security Technology”, Prentice-Hall
10. Blacharski D., “Network Security in a Mixed Environment”
For more details, visit http://www.unipune.ernet.in/stud_info/Syllabi/Syllabus_2008.html
|
No responses found. Be the first to respond and make money from revenue sharing program.
|