Computer Security Techniques I

Introduction: Overview of computer security, attacks and services, control of hardware software. Usage. Intruders, Viruses and Worms: Intrusion techniques. Nontechnical attacks. Password protection and its vulnerability. Intrusion detection. Nature of viruses. Malicious programs. Types of viruses. Antivirus approaches. Worm propagation and countermeasures: access control, intrusion detection and firewalls. Disaster Recovery: Recovery requirements, policy, strategy, technical team. Execution of recovery plans. Documentation and backup system. Loss estimation. Developing Secure Computer System: External Security Measures, Issue, Security Models [Specification and Verification, Bell and LaPadulla Model, Clark-Wilson Model, Goguen-Meseguer, TCPEC], Discretionary Access Requirements, Mandatory Access Requirements, User Authentication, Access and Information Flow Control, Auditing and Intrusion Detection, Damage Control and Assessment, Microcomputer Security. Entropy, perfect secrecy, unicity distance, complexity theory, NP completeness, number theory. Cryptographic System, Public Key Systems, digital signatures. Network and Telecommunication Security: Fundamentals, Issue, Objective and Threats, Security Services, Distributed System Security, The Trusted Network Interpretation, TNI Security Services, AIS Interconnection Issues, Firewalls [Gateways, Application, Cost and Effectiveness .Database Security: Security Requirements to Databases, Designing the Security, Methods of Protection, Security of Multilevel Database .