Page 4 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY

SYLLABUS
Information Security and Privacy

Objectives: To impart the skills needed to provide security to the system. Students will learn: various types of threats, risk analysis, physical security of infrastructure, providing authorization using biometrics, network security and cryptography techniques, database security and Web security issues.

Sr. No.   Description

1.    Information Systems: Meaning, Importance. Global Information Systems: Role of Internet and Web Service.
      Information System Security & Threats.
2.    Threats: New Technologies Open Door Threats. Level of Threats: Information, Network Level. Threats and
      Attacks. Computer Viruses. Classifications of Threats and Assessing Damages.
3.    Building Blocks of Information Security: Principles, Terms, Three Pillars of Information Security.
      Information Classification.
      Risk Analysis: Risk Management & Risk Analysis. Approaches and Considerations.
4.    Physical Security: Need, Meaning, Natural Disasters, Controlling Physical Access, Intrusion Detection
      System. Controlling Visitors. Fireproof Safes, Security through Cables and Locks.
5.    Biometrics Controls for Security: Access Control, User Identification & Authentication. Meaning, Biometric
      Techniques. Key Success Factors.
6.    Network Security: Intro, Network Types, Basic Concepts: Computer Security, Network Security, Trusted
      and Untrusted Networks. Unknown Attacks.
7.    Cryptography & Encryption: Meaning, Applications of Cryptography, Digital Signature, Cryptographic
      Algorithms.
      Firewalls: Meaning, Demilitarized Zone. Proxy Servers. Packet Filtering, Screening Routers. Application
      Level Firewalls, Hardware Level Firewalls.
8.    Database Security: Introduction, Need, Mobile Database Security, Enterprise Database Security. Database
      Security Policy.
      Security Models & Frameworks: Intro, Terminology. Intro to ISO 27001. COBIT, SSE-CMM.
      Methodologies for Information System Security: IAM, IEM, SIPES.
9.    Security Metrics: Intro, Basic, Security Matrix, Classification.
      Privacy: Meaning, Business Issue, Privacy vs. Security, Related Terms.
      Information Privacy Principles.
10.   Privacy Technological Impacts: Implications of RFID. Use with Biometrics. Smart Card Applications.
      Web Services and Privacy: Privacy on Internet, Web Services, Privacy Aspects of SOA.