Course details of CS 745 - Principles of Data and System Security

Course Name Principles of Data and System Security
Total Credits 6
Type T
Lecture 3
Tutorial 0
Practical 0
Selfstudy 0
Half Semester N
Text Reference Chapters from classic books like 1. Ross Anderson, Security Engineering, 2nd Edition, Wiley publishers, 2008 2. Morrie Gasser, Building a Secure Computer System,Von Nostrand Reinhold,1988 3. Matt Bishop, Computer Security Art and Science, Addison Wesley, 2003 4. Dorothy Denning, Cryptography and Data Security, Addison Wesley, 1982 Research papers ix Name(s) of Instructor(s) *** R. K. Shyamasundar, Bernard Menezes
Description ● Access Control: Mandatory Access Control, Discrete Access Control, Principles of Least Privilege, Distributed Access Control , Role based Access, Attribute Based Access, Key Management, SPKI/SDSI ● Concepts of Security: Confidentiality, Containment, isolation, Privacy, Anonymity, pseudo-anonymity etc., Policy specification, User authentication, Session management, multi-level security, multi-lateral security ● Security Mechanisms: Protection, Confinement, Isolation, Virtual machines, Non-interference Dealing with legacy code, Sandboxes, Separability, Data caging ● OS Security: Principles, Case studies of Operating Systems, secure OS like SELINUX ● Run-Time Monitoring: Security Automata, Edit Automata, Shallow Automata, ● Malware analysis and Counter measures: difficulties, approaches, defense against untrusted code ● Security Models for Information Systems: Bell-LaPadula, Biba, Clark-Wilson, Lattice Model, Chinese Wall Model ● Information Flow Models: Distributed Information Control, Secure OS based on IFC, Conference management systems like EasyChair, HotCrp ● Language based security: Program analysis for Security, secure code practices and tools for secure code writing ● Protocol Specification and Verification: Principles, Cryptographic protocols, protocol specification language characteristics. ● Web security models, application security, Browser Security, Information flow browsers ● Special Topics: Mobile phone security, Android Security, Cloud security, Security of Internet of Things (IoT)
Last Update 30-06-2015 10:36:04.169376