Scribd Logo
Upload

Welcome to Scribd!

  • Lecture1 Intro (Part-I)

    Uploaded by

    Love Gates
    5 views30 pages

    Original Title

    Lecture1_Intro(Part-I)

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views30 pages

    Lecture1 Intro (Part-I)

    Uploaded by

    Love Gates

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 30

    Welcome to

    Foundation of Information Security


    Foundation of Information
    Security
    Lecture-1
    Introduction
    • Instructor : Sweta Mishra
    • Room No. : 219C, Block-C
    • Phone Number: 477 (internal)
    • Email : sweta.mishra@snu.edu.in
    • Web Link : https://cse.snu.edu.in/people/faculty/sweta-mishra

    • Research Interests
    • Cryptography, Password-based Cryptosystems, Biometric Security, Information
    Security, Blockchain Technology…
    • Google scholar link: https://scholar.google.co.in/citations?user=nqSP0nIAAAAJ&hl=en
    Spring Semester 2024: Timetable
    Lecture Time: 9:30 – 10:55 AM (Monday & Wednesday)
    Credits: 3
    Contact Hours (L:T:P): 3:0:0

    Office hour: Wednesday (3:00 PM - 4:00 PM) or email appointment.


    Course logistics
    • Lecture slides, assignments will be posted on ‘Blackboard’.
    • For each assignment there will be a deadline for submission.
    • Be sure that you complete the exercise well before the deadline and
    submit your assignment in time, submitted after due date will not be
    evaluated.
    Course Grading Structure
    • These weights are indicative, and may change as semester progresses

    Evaluation Instrument Weightage


    Mid Term 30%
    Quiz 15%
    Assignment 10%
    Programming Assignment 15%
    End Term 30%
    Evaluation Strategy

    • Relative Grading

    • Attendance requirement: 75% (minimum) or as per university policy.


    Course contents
    • Security Overview, CIA model, Threats, Security Policies and Mechanisms

    • Cryptography Basics: Stream Ciphers and Block Ciphers, Public Key Cryptography,
    Hash Functions

    • Authentication and Access Control

    • Malicious Software: Trojan Horses, Viruses, Worms, Logic Bombs, Defenses.

    • Denial-of-Service Attacks: DoS, DDoS, Defenses.

    • Intrusion Detections, Firewalls and Intrusion Prevention Systems

    • Protocols: TLS security, Authentication protocol


    Recommended
    Books

    1. Matt Bishop, S.S.


    Venkatramanayya, “Introduction
    to Computer Security, 3/e”,
    Pearson Education

    2. W Stallings, “Cryptography and


    Network Security: Principles and
    Practice, 6/e”, Prentice Hall
    What is Security?
    What is Security?
    - Protection of our assets
    Physical Security

    Image source: web


    Logical Assets

    • Data or Intellectual property


    • Main focus on securing our logical assets
    Computers are Ubiquitous!

    Online
    - work/ school
    - Play games
    - Buy goods from merchants
    - track activities with sensors on our wrists.
    - Connect IoTs

    Access of information on a click!!!


    Computers are Ubiquitous!

    Online
    - work/ school
    - Play games
    - Buy goods from merchants
    - track activities with sensors on our wrists.
    - Connect IoTs

    Poses Major
    Access of information on a click!!! Security Risks…
    Authorized Access
    Biometric
    Authentication
    Alternate
    approach to
    Fingerprint…
    Secure?
    Liveness
    detection – Face
    Recognition?
    Blink your
    Eyes…
    Personal Identifying Information!
    Database Breach!
    Many Challenges…

    • When securing an asset, system, or environment, we must consider


    how the level of security relates to the value of the item being
    secured.
    • No single activity or action will make you secure in every situation.
    • Always emerging new attacks to which, you are vulnerable.
    • Conducting different level of awareness programs
    • ……
    Difficult to define user Security!
    • Insecure approaches are easier to list down
    • Not applying security patches or application updates to your systems
    • Using weak passwords
    • Downloading programs from the internet
    • Opening email attachments from unknown senders
    • Using wireless networks without encryption
    Why this course is important ?
    • In this era of ubiquitous computing where we are connected to each
    other through so many computing devices, it is important to protect
    our data.
    • Technology changes at an increasingly rapid rate but theory about
    keeping ourselves secure lags behind.
    • Good understanding of the basics of information security helps to
    cope with changes as they come.
    Why this course is important ?
    • In this era of ubiquitous computing where we are connected to each
    other through so many computing devices, it is important to protect
    our data
    • Data protection can be divided into 2 parts:
    • PC Centric
    • Safety of sensitive data from unauthorized access within your computing device
    • Mobile Phones, Laptops, Bank Cards etc.
    • Network Centric
    • Protect data during transmission between computer to computer
    • Distributed Computing
    • Internet and Intranet
    Security

    Digital Forensics Biometrics Security


    Mobile Databases
    Security Security

    Network Hardware Security


    Online Social Distributed Systems
    Security
    Media Security Security

    Cryptography
    Security

    Digital Forensics Biometrics Security


    Mobile Databases
    Security Security

    Network Hardware Security


    Online Social Distributed Systems
    Security
    Media Security Security

    Cryptography
    Learning Outcomes
    • Recognize threats to Confidentiality, Integrity, and Availability of Information
    systems and how security evolves around the CIA principle
    • Understand and explain the basic computer security terminologies
    • To use the security solutions correctly
    • Find and apply documentation of security-related problems and tools
    • Think of the countermeasures to identified threats and argue their effectiveness
    • Compare different security mechanisms
    Information Security
    The term ‘information security’ means protecting
    information and information systems from
    unauthorized access, use, disclosure, disruption,
    modification, or destruction in order to provide
    confidentiality, integrity and availability

    — Federal Information Security Modernization Act of 2014.

    You might also like