Semester Offering: InterSem

To provide the students with key knowledge about the nature and challenges of computer security, especially the relationship between policy and security, the role and application of cryptography, the mechanisms used to implement policies, the methodologies and technologies for assurance, vulnerability analysis and intrusion detection and building secure systems.


Computer security, cryptography, security protocols, access control, authentication and authorization, system security, intrusion detection, hacking prevention, virus protection.




I.          Introduction

II.        Cryptography
1.   Conventional Encryption
2.   Public Key Encryption and Hash Functions
3.   Digital Signature

III.       Access Control
1.    Security Models and Access Policies
2.    Access Control in Operating Systems
3.  Access Control in Distributed System: Credentials and Certificates, Trust Management, Trust Negotiations.

IV.      Security Protocols
1.    Key Exchange
2.    Authentication
3.    Authentication and Key Exchange
4.     Electronic Payment Protocols: Nonrepudiation, Fairness, Abuse-Freeness, Multiparty Protocols
5.    Formal Analysis

V.       Network Security Practice
1.    Electronic Mail Security
2.    IP Security
3.    Web Application Security

VI.      System Security
1.    Intruder Prevention, Virus Protection
2.    Firewalls

VII.     Security Management


Lecture Notes


B. Schneier:
Applied Cryptography, Second Edition, John Wiley and Son, 1996.

W. Stallings:
Cryptography and Network Security: Principles and Practice, Second Edition, Prentice Hall International, 1999.

D. Gollman:
Computer Security, John Wiley and Sons Ltd., 1998.

C. P. Pfleeger, S.L. Pfleeger:
Security in Computing, 3rd Edition, Prentice Hall, 2002.

M. Rhodes-Ousley, B. Rothke, A. Taylor:
Network Security (The Complete Reference), McGraw-Hill Osborne Media, 2003.

E. D. Zwicky, S. Cooper, D.B. Chapman:
Building Internet Firewalls, Second Edition, O'Reilly, 2000.

C. Adams, S. Lloyd:
Understanding Public-Key Infrastructure: Concepts, Standards and Deployment Considerations, MacMillan Technical Publishing, 1999.

U. O. Pabrai, V. K. Gurbani:
Internet and TCP/IP Network Security, McGraw-Hill, 1996.

L. Loeb:
Secure Electronic Transactions, Artech House Publishers, 1998.

D. O'Mahony, M. Peirce, H. Tewari:
Electronic Payment Systems, Artech House Publishers, 1997.


The final grade will be computed from the following constituent parts:

Mid-semester (20%),
Final exam (50%) and
Assignment and projects (30%).

Open-book examination is used for both mid-semesterand final exam.