MC7005 SECURITY IN COMPUTING NOTES ANNA UNIVERSITY

MC7005 SECURITY IN COMPUTING NOTES ANNA UNIVERSITY

UNIT I ELEMENTARY CRYPTOGRAPHY

  • Terminology and Background
  • Substitution Ciphers
  • Transpositions
  • Making Good Encryption Algorithms
  • Data Encryption Standard
  • AES Encryption Algorithm
  • Public Key Encryption
  • Cryptographic Hash Functions
  • Key Exchange
  • Digital Signatures
  • Certificates

UNIT II PROGRAM SECURITY

  • Secure programs
  • Non-malicious Program Errors
  • Viruses
  • Targeted Malicious code
  • Controls Against Program Threat
  • Control of Access to General Objects
  • User Authentication
  • Good Coding Practices
  • Open Web Application Security Project Flaws
  • Common Weakness Enumeration Most Dangerous Software Errors

UNIT III SECURITY IN NETWORKS

  • Threats in networks
  • Encryption
  • Virtual Private Networks
  • PKI
  • SSH
  • SSL
  • IPSec
  • Content
  • Integrity
  • Access Controls
  • Wireless Security
  • Honeypots
  • Traffic Flow Security
  • Firewalls
  • Intrusion Detection Systems
  • Secure e-mail.

UNIT IV SECURITY IN DATABASES

  • Security requirements of database systems
  • Reliability and Integrity in databases
  • Redundancy
  • Recovery
  • Concurrency/ Consistency
  • Monitors
  • Sensitive Data
  • Types of disclosures
  • Inference
  • Finding and confirming SQL injection

UNIT V SECURITY MODELS AND STANDARDS

  • Secure SDLC
  • Secure Application Testing
  • Security architecture models
  • Trusted Computing Base
  • Bell-LaPadula Confidentiality Model
  • Biba Integrity Model
  • Graham-Denning Access Control Model
  • Harrison-Ruzzo-Ulman Model
  • Secure Frameworks
  • COSO
  • CobiT
  • Compliances
  • PCI
  • DSS
  • Security Standards
  • ISO 27000 family of standards
  • NIST.

Download SIC Notes