2nd sem MSCLIS
(MSCLIS)
(Batch 2013 2015)
2nd Semester
Lecture List
Data Information & Cryptography
Total lectures: 30
Program: MSCLIS (2nd Sem)
To understand the concepts of encryption (stream ciphers and block ciphers) and number theory.
To understand public-key parameters and pseudorandom sequences.
To understand hash functions, authentication and key management techniques.
Detailed Syllabus:
Lectures Required
Unit 1: Number Theory and Overview of Cryptography: Introduction, Information security and cryptography, Background on functions, Basic terminology and concepts, Symmetric-key encryption, Digital signatures, Authentication and identification, Public-key cryptography, Hash functions, Protocols and mechanisms, Key establishment, management, and certification. (3 C Hrs)
Unit 2: Public-Key Parameters: Introduction, Probabilistic primality tests, (True) Primality tests, Prime number generation, Irreducible polynomials over Zp, Generators and elements of high order. (5 C Hrs)
Unit 3: Pseudorandom Bits and Sequences: Introduction, Random bit generation, Pseudorandom bit generation, Statistical tests, and cryptographically secure pseudorandom bit generation. (5 C Hrs)
Unit 4: Stream Ciphers: Introduction, Feedback shift registers, Stream ciphers based on LFSRs and other stream ciphers. Block Ciphers: Introduction and overview, Background and general concepts, Classical ciphers and historical development, DES, IDEA, RC5 and other block ciphers. (5 C Hrs)
Unit 5: Hash Functions and Data Integrity: Introduction, Classification and framework, Basic constructions and general results, Unkeyed hash functions (MDCs), Keyed hash functions (MACs), Data integrity and message authentication, Advanced attacks on hash functions. (5 C Hrs)
Unit 6: Identification and Entity Authentication: Introduction, Passwords (weak authentication), Challenge-response identification (strong authentication), Customized and zero-knowledge identification protocols, and Attacks on identification protocols. (3 C Hrs)
Unit 7: Key Management Techniques: Introduction, Background and basic concepts, Techniques for distributing confidential keys, Techniques for distributing public keys, Techniques for controlling key usage, Key management involving multiple domains, Key life cycle issues and Advanced trusted third party services. Key Establishment Protocols: Key Transport and Agreement based on Symmetric and Asymmetric techniques. (4 C Hrs)
Recommended Books
Text Books
Handbook of Applied Cryptography, by A. Menezes, P. van Oorschot, and S. Vanstone, CRC
Press, 1996.
Reference Books
Modern Cryptography: Theory and Practice, by Wenbo Mao, Hewlett-Packard Company, Prentice Hall PTR, 2003.
Cryptography and Network Security by William Stallings, Prentice Hall, Fourth Edition.
Lab Guidelines ( -2-credit hour)
Before Mid Semester Exam
All types of Primality Test
All types of Statistical Test
After Mid Semester
Stream Cipher
Block Cipher
Hash code Generation.
(Deemed University)
Lecture List
Database Management & 4GLs
Total lectures: 45
Program: MSCLIS (2nd Sem)
This course is intended to prepare you to design, develop and use information systems using
database management systems (DBMS). We will explore the practices, issues and theoretical
foundations of organizing and analyzing information and information content for the purpose of
designing effective and useful databases. This course will introduce you to the principles of
database systems and database design. You will learn how to use DBMS to construct information
systems for a wide range of applications.
These topics will be examined through readings, discussion, hands-on experience using various
database management systems, and through exercises designed to help explore the capabilities
and utility of different database systems.
Detailed Course:
Introduction to databases and database management systems,
The conceptual data model,
The Relational data model.
Structured Query language (SQL),
Fourth Generation Environments,
The future of the relational model: extensions and replacements,
Transaction processing, Triggers, Indexes, Security, PL/SQL,
Functions, Procedures, Cursors.
Oracle Developer/2000,
Forms, Reports, Graphics Designer/2000 Applications.
Reference Books:
1. Database System Concepts by Abraham Silberschatz et al., 5th Edition, TMH Publishing Co.
2. Database Management System by Raghu Ramakrishnan et al., 3rd Edition, TMH Publishing Co.
3. Oracle 10g Programming: A Primer by Rajshekhar Sunderraman, 2nd Edition, Addison Wesley Publishing Co.
Lecture List
Network Security
Total lectures: 45
Program: MSCLIS (2nd Sem)
Course Objective
This course provides an essential study of computer security issues and methods in networking
systems. Topics to be covered include review of networking, advanced cryptography, access
control, distributed authentication, TCP/IP security, firewalls, IPSec, Virtual Private Networks,
and intrusion detection systems.
Detailed Syllabus:
Lectures Required
Unit 1: Introduction to Network security, Model for Network security, Model for Network access security. (2 C Hrs)
Unit 2: Real-time Communication Security: Introduction to TCP/IP protocol stack, Implementation layers for security protocols and implications, IPsec: AH and ESP, IPsec: IKE. (7 C Hrs)
Unit 3: Media-Based Vulnerabilities, Network Device Vulnerabilities, Back Doors, Denial of Service (DoS), Spoofing, Man-in-the-Middle, and replay, Protocol-Based Attacks, DNS Attack, DNS Spoofing, DNS Poisoning, ARP Poisoning, TCP/IP Hijacking. (10 C Hrs)
Unit 4: Virtual LAN (VLAN), Demilitarized Zone (DMZ), Network Access Control (NAC), Proxy Server, Honey Pot, Network Intrusion Detection Systems (NIDS) and Host Network Intrusion Prevention Systems, Protocol Analyzers, Internet Content Filters, Integrated Network Security Hardware. (10 C Hrs)
Unit 5: Authentication: Kerberos, X.509 Authentication Service, Scanning: Port Scanning, Port Knocking: Advantages, Disadvantages. Peer to Peer security. (4 C Hrs)
Unit 6: Electronic Mail Security: Distribution lists, Establishing keys, Privacy, source authentication, message integrity, non-repudiation, proof of submission, proof of delivery, message flow confidentiality, anonymity, Pretty Good Privacy (PGP). (6 C Hrs)
Unit 7: Firewalls and Web Security: Packet filters, Application level gateways, Encrypted tunnels, Cookies. Assignments on latest network security techniques. (6 C Hrs)
Recommended Books
Text Books
Mark Ciampa, Security+ Guide to Network Security Fundamentals, Edition 3, Cengage Learning, ISBN-10: 1428340661, ISBN-13: 978-1428340664.
William Stallings, Cryptography and Network Security Principles and Practices, Prentice
Hall of India, Third Edition, 2003.
Reference Books
Cisco: Fundamentals of Network Security Companion Guide (Cisco Networking Academy
Program).
Saadat Malik. Network Security Principles and Practices (CCIE Professional Development). Pearson Education. 2002. (ISBN: 1587050250)
Lab Guidelines ( -2-credit hour)
Before Mid Semester Exam
NS-2 Fundamentals learning
DoS attack generation
After Mid Semester
Kerberos Implementation
VPN generation
PGP implementation
Lecture List
Technical Risk Assessment
Total lectures: 30
Program: MSCLIS (2nd Sem)
To orient students to the different methodologies that exist for risk assessment, to expose them to the evaluation of IT infrastructure components and business processes, and to teach them to conduct Vulnerability Assessment and Penetration Testing.
Detailed Syllabus:
1.
2.
3.
4.
5.
6.
7.
Lectures Required
Lab:
1.
Lecture List
BCP & DRP
Total lectures: 30
Program: MSCLIS (2nd Sem)
Lectures Required
Lecture List
SOX
Total lectures: 30
Program: MSCLIS (2nd Sem)
Recent corporate failures around the world owing to accounting fraud prompted the framing of sound legislation to ensure the security of data maintained by corporations, and the Sarbanes-Oxley Act, 2002 was enacted. This course therefore exposes students to the importance of this Act in providing IT security for every kind of record, including financial records.
Detailed Syllabus:
Lectures Required
Unit 1: Meaning of SOX, its legislative history, McKesson Scandal, Enron Scandal, scope of the act, relevance, costs and benefits, implications for Indian companies, implications for US subsidiaries in India
Lectures Required: 04
Unit 2: Outline of the act, role of auditors, lawyers, CEOs and CFOs, stakeholder protection, white-collar crimes, whistle-blower protection, The Dodd-Frank Whistle Blower Program, Documentation: Form 10-K, 10-Q, 8-K, Public Company Accounting Oversight Board (PCAOB), role & responsibilities of audit committee
Lectures Required: 06
3. Understanding SOX (Sarbanes Oxley Act) by Abhishek Sharma, Bharat Law House
Lecture List
PCI & DSS
Total lectures: 30
Program: MSCLIS (2nd Sem)
Course Objective
Lectures Required
Unit 1: Introduction to fraud, ID theft and regulatory mandates, PCI Introduction, Risk and Consequences, Benefits of Compliance. (3 C Hrs)
Unit 2: PCI data security standard, PCI DSS Application Information, Scope of Assessment for compliance with PCI DSS requirements, Instructions and content for report on Compliance. (5 C Hrs)
Unit 3: Building & Maintaining a Secure Network: Introduction, Maintaining Firewall configuration, PCI DSS requirements, Intrusion Detection Systems, Antivirus Solutions, System defaults and other Security requirements. (5 C Hrs)
Unit 4: Card holder Data protection mechanism, Vulnerability Management, Logging Access and Event and Access Control Measures. (5 C Hrs)
Unit 5: Monitoring & Testing: Introduction, Monitoring PCI environment, Auditing network and data access, Testing monitoring system and processes. (4 C Hrs)
Unit 6: PCI DSS in wireless: Operation guide for complying with PCI DSS, Applicable requirements pertaining to wireless for all networks and in-scope wireless networks. (4 C Hrs)
Unit 7: Information Security Policy for DSS, Case study: How to plan a project to meet compliance, Responsibilities and Auditing. (4 C Hrs)
Recommended Books & White Paper
PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance by Tony Bradley (Technical Editor), James D. Burton, Anton Chuvakin, Anatoly Elberg, Brian Freedman, David King, Scott Paladino, Paul Schooping, Elsevier, 2007.
Information Supplement: PCI DSS Wireless Guideline Prepared by the PCI SSC Wireless
Special Interest Group (SIG) Implementation Team, White Paper, July 2009.
Reference Books
Payment Card Industry (PCI) Data Security Standard Requirements and Security Assessment
Procedures Version 2.0, Prepared by the PCI SSC Special Interest Group (SIG) Implementation
Team, October 2010.
Payment Card Industry Data Security Standard Handbook by Timothy M. Virtue, John Wiley and Sons, 2009.
Lab Guidelines ( -1-credit hour)
Before Mid Semester Exam
Analysis of the card information flow through a packet sniffer