Syllabus Data and Information Security - (CW3551) UNIT I INTRODUCTION History, What is Information Security ?, Critical Characteristics of Information, NSTISSC Security Model, Components of an Information System, Securing the Components, Balancing Security and Access, The SDLC, The Security SDLC. (Chapter - 1) UNIT II SECURITY INVESTIGATION Need for Security, Business Needs, Threats, Attacks, Legal, Ethical and Professional Issues - An Overview of Computer Security - Access Control Matrix, Policy - Security policies, Confidentiality policies, Integrity policies and Hybrid policies. (Chapter - 2) UNIT III DIGITAL SIGNATURE AND AUTHENTICATION Digital Signature and Authentication Schemes : Digital signature - Digital Signature Schemes and their Variants - Digital Signature Standards - Authentication : Overview - Requirements Protocols - Applications - Kerberos -X.509 Directory Services. (Chapter - 3) UNIT IV E-MAIL AND IP SECURITY E-mail and IP Security : Electronic mail security : Email Architecture - PGP - Operational Descriptions - Key management - Trust Model- S/MIME. IP Security : Overview- Architecture - ESP, AH Protocols IPSec Modes - Security association - Key management. (Chapter - 4) UNIT V WEB SECURITY Web Security : Requirements - Secure Sockets Layer - Objectives-Layers - SSL secure communication-Protocols - Transport Level Security. Secure Electronic Transaction - Entities DS Verification-SET processing. (Chapter - 5)
