T. Y. B. Tech (Computer Science and Engineering) Sem – V
Information Security (PCC-CS501)
TEACHING SCHEME EXAMINATION SCHEME
Theory: 3 Hrs./Week Theory: ESE 70 Marks CIE 30 Marks
Term work: 50 Marks Practical: 2 Hrs./Week Practical: –
Pre-requisites: Computer Network, Modular Arithmetic &Number Theory, C / C++.
Course Objectives
- To introduce the principles of Crypto-Systems.
- To expose students to various security services and mechanisms used.
- To make the students aware of the security features of PGP, S/MIME, Digital Signatures, IPSec& SSL.
- To make the students understand the system level security issues concerning threats, intruders and use of firewalls and trusted systems.
- To make students to explore non-cryptographic and software vulnerabilities.
Course Outcomes
Upon successful completion of this course, the students will be able to :
- Understand principles of Crypto-systems.
- Compare and analyze various security services and mechanisms.
- Apply and use the features of PGP, S/MIME, DSA, IPSec, SSL in their profession.
- Take precautions of their personal computing system from possible threats and attacks.
- Explore newer vulnerabilities and provide the solutions to them.
Unit No. 1. (Lectures allocated: 6)
The OSI Security Architecture, Symmetric Cipher Models: Substitution Techniques, Transposition Techniques, Block Cipher Principles, The Data Encryption Standard.
Unit No. 2. (Lectures allocated: 7)
Principles of Public-Key Cryptosystems, The RSA Algorithm, Key Management, Diffie-Hellman Key Exchange, Authentication requirements, Authentication functions, MAC and Hash functions and their requirements
Unit No. 3. (Lectures allocated: 5)
Digital Signature, Digital Signature Standard, Authentication applications - Kerberos, X.509 Authentication service.
Unit No. 4. (Lectures allocated: 5)
Email Security - PGP, S/MIME, IP Security - IP Security Architecture, Authentication Header and Encapsulating Security Payload.
Unit No. 5. (Lectures allocated: 6)
Web and System Security - Secure Socket Layer and Transport Layer Security, Secure Electronic Transactions, Intruders, Intruder Detection, Password Management, Firewall Design Principles, and Trusted Systems.
Unit No. 6. (Lectures allocated: 7)
Non-Cryptographic Protocol Vulnerabilities - DoS and DDoS, Session Hijacking and Spoofing, Pharming attacks. Software
Vulnerabilities - Phishing, Buffer Overflow, Format String attacks, SQL Injection.
Term Work
Minimum of 10 Experiments to be performed from the list given below.
Practical should include the implementation and use of the following mechanisms/Algorithms/Tools /Techniques
Implementation can be in C/C++ Programming Language
Experiment List
1. GCD Using Euclidean algorithm/Computing Multiplicative inverses/ Prime number and modular arithmetic operations.
2. Substitution/Transposition/ Product Cipher and their Analysis
3. Single round of DES algorithm/Double DES/ Triple DES and its analysis
4. RSA Algorithm to provide Confidentiality and Authentication services or any other Public-Key Algorithm.
5. Diffie–Hellman or any other key exchange Algorithm.
6. Implementation and use of any authentication functions / algorithm.
7. Generation and use of Digital Signature for real world situation.
8. Usage of PGP security package and S/MIME features.
9. Experimenting with SSL/TLS/E-Commerce Applications and identifying their Vulnerabilities.
10. Demo and usage of network traffic analysis tools.
11. Experimentation on identifying non-cryptographic Protocol Vulnerabilities and remedies thereon.
12. Experimenting on identifying software Vulnerabilities using various tools/techniques and their analysis.
13. Any other Implementation/Demo/Experimentation based on the topics of syllabus.
Text Books
1. Cryptography and Network Security William Stallings Pearson Edition (Unit I to V)
2. Network Security and Cryptography Bernard Menezes Cengage Learning (Unit -VI)
Reference Books
1. Cryptography and
network security Atul Kahate TMGH
2. Cryptography and Network Security Forouzan TMGH
3. Network Security Know it All Joshi et. al Morgan Kaufmann
Post a Comment