Security in Computing


Chapter 1 : Is There a Security Problem in Computing


=> What Does "Secure" Mean?
=> Protecting Software in Automobile Control Systems
=> Attacks
=> Why Universities Are Prime Targets
=> The Meaning of Computer Security
=> Record Record Loss
=> Top Methods of Attack
=> Computer Criminals
=> The Terrorists, Inc., IT Department
=> Methods of Defense

Chapter 2 : Elementary Cryptography


=> Elementary Cryptography
=> Elementary Cryptography - Terminology and Background
=> Substitution Ciphers
=> Transpositions (Permutations)
=> Making "Good" Encryption Algorithms
=> The Data Encryption Standard (DES)
=> The AES Encryption Algorithm
=> Public Key Encryption
=> The Uses of Encryption

Chapter 3 : Program Security


=> Program Security
=> Secure Programs
=> Nonmalicious Program Errors
=> Viruses and Other Malicious Code
=> Nonmalicious Flaws Cause Failures
=> Why Worry About Malicious Code?
=> Kinds of Malicious Code
=> Rapidly Approaching Zero
=> How Viruses Attach
=> How Viruses Gain Control
=> Homes for Viruses
=> Virus Signatures
=> The Source of Viruses
=> Prevention of Virus Infection
=> Truths and Misconceptions About Viruses
=> First Example of Malicious Code: The Brain Virus
=> Example: The Internet Worm
=> More Malicious Code: Code Red
=> Malicious Code on the Web: Web Bugs
=> Is the Cure Worse Than the Disease?
=> Trapdoors - Targeted Malicious Code: Examples, Causes
=> Salami Attack
=> Rootkits and the Sony XCP
=> Privilege Escalation
=> Interface Illusions
=> Keystroke Logging
=> Man-in-the-Middle Attacks
=> Timing Attacks
=> Covert Channels: Programs That Leak Information
=> Controls Against Program Threats
=> The Nature of Software Development
=> Modularity, Encapsulation, and Information Hiding
=> Peer Reviews
=> Hazard Analysis
=> Testing
=> Good Design and Prediction
=> Static Analysis
=> Configuration Management
=> Lessons from Mistakes
=> There's More Than One Way to Crack a System
=> Formal Methods Can Catch Difficult-to-See Problems
=> Programming Practice Conclusions
=> Standards of Program Development
=> Process Standards
=> Program Controls in General

Chapter 4 : Protection in General Purpose Operating Systems


=> Protection in General-Purpose Operating Systems
=> Protected Objects and Methods of Protection
=> Memory and Address Protection
=> Control of Access to General Objects
=> File Protection Mechanisms
=> User Authentication
=> Biometrics: Ready for Prime Time?
=> Passwords as Authenticators
=> Additional Authentication Information
=> Attacks on Passwords
=> Password Selection Criteria
=> The Authentication Process
=> Biometrics: Authentication Not Using Passwords

Chapter 5 : Designing Trusted Operating Systems


=> Designing Trusted Operating Systems
=> What Is a Trusted System?
=> Security Policies
=> Models of Security
=> Trusted Operating System Design
=> The Importance of Good Design Principles
=> Trusted System Design Elements
=> Security Features of Ordinary Operating Systems
=> Security Features of Trusted Operating Systems
=> Kernelized Design
=> Separation/Isolation
=> Virtualization
=> Layered Design
=> Assurance in Trusted Operating Systems
=> Typical Operating System Flaws
=> Assurance Methods
=> Open Source
=> Evaluation
=> Security as an Add-On

Chapter 6 : Database and Data Mining Security


=> Database and Data Mining Security
=> Introduction to Databases
=> Security Requirements
=> Reliability and Integrity
=> Sensitive Data
=> Inference
=> Multilevel Databases
=> Proposals for Multilevel Security
=> Data Mining

Chapter 7 : Security in Networks


=> Security in Networks
=> Network Concepts
=> Network Media
=> Network Protocols
=> Types of Networks
=> Threats in Networks
=> Who Attacks Networks?
=> Threats in Transit: Eavesdropping and Wiretapping
=> Protocol Flaws
=> Impersonation
=> Message Confidentiality Threats
=> Message Integrity Threats
=> Format Failures
=> Web Site Vulnerabilities
=> Denial of Service
=> Distributed Denial of Service
=> Threats in Active or Mobile Code
=> Networks Complex Attacks
=> Network Security Controls - Security Threat Analysis
=> Architecture - Security in Networks
=> Encryption - Security in Networks
=> Content Integrity - Security in Networks
=> Strong Authentication and Kerberos - Security in Networks
=> Access Controls - Security in Networks
=> Wireless Networks Security
=> Honeypots, Alarms and Alerts - Security in Networks
=> Traffic Flow Security
=> Firewalls
=> Types of Firewalls
=> Example Firewall Configurations
=> Intrusion Detection Systems
=> Types of IDSs (Intrusion Detection Systems)
=> Goals for Intrusion Detection Systems
=> Intrusion Detection Systems (IDS) Strengths and Limitations
=> Secure E-Mail

Chapter 8 : Administering Security


=> Administering Security
=> Security Planning
=> Contents of a Security Plan
=> Security Planning Team Members
=> Assuring Commitment to a Security Plan
=> Business Continuity Plans
=> Incident Response Plans
=> Risk Analysis
=> The Nature of Risk
=> Steps of a Risk Analysis
=> Arguments For and Against Risk Analysis
=> Organizational Security Policies
=> Characteristics of a Good Security Policy
=> Policy Issue Example: Government E-mail
=> Physical Security
=> Interception of Sensitive Information
=> Contingency Planning
=> Physical Security Recap

Chapter 9 : The Economics of Cybersecurity


=> The Economics of Cybersecurity
=> Making a Business Case
=> Quantifying Security
=> The Economic Impact of Cybersecurity
=> Data to Justify Security Action
=> A Summary of Recent Security Surveys
=> Are the Data Representative?
=> Sources of Attack and Financial Impact
=> Modeling Cybersecurity
=> Current Research and Future Directions

Chapter 10 : Privacy in Computing


=> Privacy in Computing
=> Privacy Concepts
=> Computer-Related Privacy Problems
=> Privacy Principles and Policies
=> Authentication and Privacy
=> What Authentication Means
=> Data Mining
=> Privacy on the Web
=> Spyware
=> Shopping on the Internet
=> E-Mail Security
=> Impacts on Emerging Technologies

Chapter 11 : Legal and Ethical Issues in Computer Security


=> Legal and Ethical Issues in Computer Security
=> Protecting Programs and Data
=> Copyrights - Protecting Programs and Data
=> Patents - Protecting Programs and Data
=> Trade Secrets
=> Protection for Computer Objects
=> Information and the Law
=> Rights of Employees and Employers
=> Redress for Software Failures
=> Computer Crime
=> Why Computer Crime Is Hard to Define and Prosecute
=> Examples of Statutes
=> International Dimensions
=> Why Computer Criminals Are Hard to Catch
=> What Computer Crime Does Not Address
=> Cryptography and the Law
=> Ethical Issues in Computer Security
=> Case Studies of Ethics: Use of Computer Services
=> Case Studies of Ethics: Privacy Rights
=> Case Studies of Ethics: Denial of Service
=> Case Studies of Ethics: Ownership of Programs
=> Case Studies of Ethics: Proprietary Resources
=> Case Studies of Ethics: Fraud
=> Case Studies of Ethics: Accuracy of Information
=> Case Studies of Ethics: Ethics of Hacking or Cracking
=> Codes of Computer Ethics

Chapter 12 : Cryptography Explained


=> Cryptography Explained
=> Mathematics for Cryptography
=> Symmetric Encryption
=> Data Encryption Standard
=> Advanced Encryption Standard
=> Public Key Encryption Systems
=> Merkle-Hellman Knapsacks
=> Rivest-Shamir-Adleman (RSA) Encryption
=> The El Gamal and Digital Signature Algorithms
=> Quantum Cryptography


