Course Learning Outcomes (CLOs): |
At the end of the course the students will be able to: | Domain | BT Level* |
Explain key concepts of information security such as design principles, cryptography, risk management, and ethics | C,P | 2,2 |
Discuss legal, ethical, and professional issues in information security | A | 2 |
Apply various security and risk management tools for achieving information security and privacy | C | 3 |
Identify appropriate techniques to tackle and solve problems in the discipline of information security | C | 4 |
* BT = Bloom’s Taxonomy, C = Cognitive domain, P = Psychomotor domain, A = Affective domain

Topics Covered in the Course, with Number of Lectures on Each Topic (assume 15-week instruction and one-hour lectures) |
Week | Lecture | Topics Covered |
Week 1 | 1 | Objective and Motivation, Introduction, Course Prerequisites, Course Contents, History of Secure Systems (Source: Wikipedia) |
Week 1 | 2 | Basic Principles |
Week 2 | 3 | Authentication Models (Authentication, Authorization, Audit, Access Matrix), ACLs, Capability List |
Week 2 | 4 | Bell-LaPadula Model, RBAC, TBAC |
Week 3 | 5 | Security Kernels, including History of Kernel Security, OS Protection Principles |
Week 3 | 6 | Secure Communications Processor (Scomp), Scomp Architecture, Scomp Security Protection Module, Scomp Trusted Operating Program (STOP) |
Week 4 | 7 | Cryptography Algorithms (Symmetric vs. Asymmetric Algorithms) |
Week 4 | 8 | Symmetric Algorithms, including Data Encryption Standard (DES), 3DES (Triple DES), Blowfish, Twofish |
Week 5 | 9 | IDEA (International Data Encryption Algorithm), RC4, RC5, RC6 |
Week 5 | 10 | AES (Advanced Encryption Standard), SAFER (Secure and Fast Encryption Routine), Serpent |
Week 6 | 11 | Asymmetric Key Algorithms (Diffie-Hellman) |
Week 6 | 12 | ElGamal, Elliptic Curve Cryptosystem (ECC) |
Week 7 | 13 | Digital Signature Algorithm (DSA) |
Week 7 | 14 | Revision |
Week 8 | 1 hour | Mid Term |
Week 9 | 15 | Message Digest (M.D. Algorithms), One-Way Hash, Message Authentication Codes, HMAC |
Week 9 | 16 | MD5 Algorithms, HAVAL, Secure Hash Algorithm (SHA) |
Week 10 | 17 | Intrusion Detection & Response, including Introduction to IDS and IPS, Signature-based, Anomaly-based, Stateful Protocol |
Week 10 | 18 | Stateless Protocol, Network-based, Host-based, Network Behavior Analysis (NBA), Wireless IDPS |
Week 11 | 19 | Host and Network Security Requirements, Types of Threats, Interruption, Interception, Modification, Fabrication, Communication Lines and Networks, Active & Passive Attacks |
Week 11 | 20 | User and Data Oriented Access Control, Malicious Programs, Password Learning Techniques, Trapdoor, Logic Bomb, Trojan Horse, Worms, Zombie, Virus Types and Stages (Parasitic, Memory Resident, Boot Sector, Stealth, Polymorphic) |
Week 12 | 21 | The “How-Tos” of Physical Protection, Physical Security Components, Layers of Physical Security for Environmental Design and Physical Access, Monitoring Systems, Physical Zoning, Policy Formation |
Week 12 | 22 | Standards and Practices, Enterprise Information Security Policy (EISP) |
Week 13 | 23 | Database Security, Database Policy Formulation and Enforcement, Database Administration, Database Policies |
Week 13 | 24 | Prevention of Unauthorized Access to the Database (Intentional or Accidental), DBMS’s Security Features |
Week 14 | 25 | Legal and Social Security Issues, including Law and Ethics in Information Security, Relevant U.S. Laws (General), Privacy of Customer Information, U.S. Copyright Law, Freedom of Information Act of 1966 (FOIA) |
Week 14 | 26 | Digital Millennium Copyright Act (DMCA), United Nations Charter |
Week 15 | 27 | Association for Computing Machinery (ACM) Code of Ethics |
Week 15 | 28 | Information Systems Audit and Control Association (ISACA) |
Week 16 | 29 | Information Systems Security Association (ISSA) |
Week 16 | 30 | Revision |
Week 17 | 2 hours | Final Term |