Syllabus Information Security - (IT8073) Unit I Introduction History, What is Information Security ?, Critical Characteristics of Information, NSTISSC Security Model, Components of an Information System, Securing the Components, Balancing Security and Access, The SDLC, The Security SDLC. (Chapter - 1) Unit II Security Investigation Need for Security, Business Needs, Threats, Attacks, Legal, Ethical and Professional Issues - An Overview of Computer Security - Access Control Matrix, Policy-Security policies, Confidentiality policies, Integrity policies and Hybrid policies. (Chapter - 2) Unit III Security Analysis Risk Management : Identifying and Assessing Risk, Assessing and Controlling Risk - Systems : Access Control Mechanisms, Information Flow and Confinement Problem. (Chapter - 3) Unit IV Logical Design Blueprint for Security, Information Security Policy, Standards and Practices, ISO 17799/BS 7799, NIST Models, VISA International Security Model, Design of Security Architecture, Planning for Continuity. (Chapter - 4) Unit V Physical Design Security Technology, IDS, Scanning and Analysis Tools, Cryptography, Access Control Devices, Physical Security, Security and Personnel.(Chapter - 5)
