2015-16
COURSE FILE
OF
NETWORK SECURITY
III B.TECH IISEMESTER
B. NAGESWARA RAO
ASSOCIATE PROFESSOR
FACULTY DETAILS:
Name of the Faculty:: B.NAGESWARA RAO
Designation: Assoc.Prof
Department:: CSE
COURSE DETAILS
Name Of The Programme:: B.Tech cse Batch:: 2013
Designation::
Year Semester II
Department:: cse
Title of The Subject NS Subject Code
No of Students 65
COURSE PLAN
2015-16
Regulation: R12
COURSE PLAN
2015-16
Regulation: R12
FACULTY DETAILS:
Name of the Faculty:: B.NAGESWARA RAO Designation: Assoc.Prof
Department:: CSE
1. TARGET
a) Percentage Pass 100
b) Percentage I class 90
2. COURSE PLAN
(Please write how you intend to cover the contents: i.e., coverage of Units by lectures, guest lectures, design exercises, solving numerical problems, demonstration of models, model preparation, or by assignments, etc.)
3. METHOD OF EVALUATION
3.1. Continuous Assessment Examinations (CAE 1, CAE 2)
3.2. Assignments / Seminars
3.3. Mini Projects
3.4. Quiz
3.5. Term End Examination
3.6. Others
4. List out any new topic(s) or any innovation you would like to introduce in teaching the subject in this Semester.
Signature of HOD Signature of Faculty Date: Date: 7/3/2014
FACULTY DETAILS:
Name of the Faculty:: B.NAGESWARA RAO
Designation: Assoc.Prof
Department:: CSE
Guidelines for Preparing the Course:
Course Description:
The course covers theory and practice of computer security, focusing in particular on the security aspects of the web and Internet. It surveys cryptographic tools used to provide security, such as shared key encryption (DES, 3DES, RC-4/5/6, etc.); public key encryption, key exchange, and digital signature (Diffie-Hellmann, RSA, DSS, etc.). It then reviews how these tools are utilized in the internet protocols and applications such as SSL/TLS, IPSEC, Kerberos, PGP, S/MIME, SET, and others (including wireless). System security issues, such as viruses, intrusion, and firewalls, will also be covered.
Course Objectives:
1. To defined security goals , security attacks ,security services and security mechanism to Security services.
2. T o introduce two techniques , cryptography and steganography to implement security mechanisms
3. To know the general model for security encryption process then to look at three impotent Block encryption algorithms and to introduce symmetric stream encryption. And Applications af these algorithms to achieve confidentiality.
4. To discuss the use of message authentication codes and hash fictions ,public key encryption principles and algorithms,
5. To look at the use of public-key encryption to produce digital signature and issues of key Management.
6. To discuss two protocols that provide security for electronic mail such as PGP and S/MIME
7. To know the importance of IPSec and its architecture and functionalities. 8. To discuss the importance of Web security, protocols and their architectures.
9. To discuss the various Network management protocols and their architectures. 10. To discuss about Intruders , viruses, related threats, To discuss an overview of functionality and
design principles of Firewalls, To discuss the concepts of Trusted system and Intrusion Detection Systems
GUIDELINES TO STUDY THE SUBJECT
2015-16
Regulation: R12
Learning Outcomes: Upon completion of this course, students will be able to:
1. Students can explain the differences between the three major goals of information security: confidentiality, integrity and availability, and can list and explain one Technique for ensuring each.
2. Students can explain how public key cryptography can be used to ensure the identity
of the sender of an encrypted message.
3. Able to demonstrate and apply concept and principle of security Attacks, Services and
Mechanisms.
4. Able to demonstrate existing Conventional encryption algorithms.
5. Expertise in Message authentication, Hash function and Public key encryption.
6. Able to applying Cryptographic algorithms in various real time applications.
7. Able to Investigate and perform various security vulnerability tests.
8. Able to understand impact of the security attacks in real time applications
9. Understand the security vulnerabilities in existing Cryptograph algorithms and network
security protocols.
FACULTY DETAILS: Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof Department:: CSE
On completion of this Subject / Course the student shall be able to:
S.No. Objectives Outcomes 1.
To defined security goals , security attacks ,security services and security mechanism to Security services.
1 2.
T o introduce two techniques , cryptography and steganography to implement security mechanisms
2 3.
To know the general model for security encryption process then to look at three impotent Block encryption algorithms and to introduce symmetric stream encryption. And Applications of these algorithms to achieve confidentiality.
3,4
4.
To discuss the use of message authentication codes and hash fictions ,public key encryption principles and algorithms,
5 5.
To look at the use of public-key encryption to produce digital signature and issues of key Management 5
6.
To discuss two protocols that provide security for electronic mail such as PGP and S/MIME
6 7.
To know the importance of IPSec and its architecture and functionalities 7 8.
To discuss the importance of Web security, protocols and their architectures.
8
9.
Discuss the various Network management protocols and their architectures.
9 10.
To discuss about Intruders , viruses, related threats, To discuss an overview of functionality and design principles of Firewalls, To discuss the concepts of Trusted system and Intrusion Detection Systems 10
Signature of Faculty Date:
Note: For each of the OBJECTIVE indicate the appropriate OUTCOMES to be achieved. Kindly refer Page 16, to know the illustrative verbs that can be used to state the objectives.
COURSE OBJECTIVES
2015-16
Regulation: R12
4
FACULTY DETAILS: Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof Department:: CSE
The expected outcomes of the Course / Subject are:
S.No. General Categories of Outcomes Specific Outcomes of the Course
A. An ability to apply knowledge of mathematics,
science, and engineering
B. An ability to design and conduct experiments, as
well as to analyze and interpret data
An ability to design a system, component, or
C. process to meet desired needs within realistic
Constraints such as economic, environmental,
social, political, ethical, health and safety,
Manufacturability and sustainability
D. An ability to function on multi-disciplinary teams
E. An ability to identify, formulate, and solve
engineering problems
F. An understanding of professional and ethical
responsibility
G. An ability to communicate effectively
The broad education necessary to understand the
H. impact of engineering solutions in a global,
economic, environmental, and societal context
I. A recognition of the need for, and an ability to
engage in life-long learning
J. A knowledge of contemporary issues
An ability to use the techniques, skills, and
K. modern engineering tools necessary for
engineering practice.
Objectives – Outcome Relationship Matrix (Indicate the relationships by mark).
Outcomes A B C D E F G H I J K
Objectives
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
5
COURSE OUTCOMES
2015-16
Regulation: R12
FACULTY DETAILS: Name of the Faculty:: B.NageswaraRao
Designation: Assoc.prof Department:: CSE
The Schedule for the whole Course / Subject is:: 74
S. No. Description Duration (Date) Total No.
From To of Periods
1.
Security goals, security attacks, security services and security mechanism to Security services.
14-12-15 28-12-15 11
2.
Conventional encryption principles 29-12-15 11-1-16 10
3.
public key cryptography principles and algorithms, 12-01-16 25-01-16 10
4.
Electronic mail security
27-01-16 6-02-16 9
5.
IP Security
15-02-14 26-02-16 9
6.
Web security
27-02-63 9-03-16 8
7
Simple Network management
protocols 11-03-16 22-03-16
9
8
Fire walls and IDS 26-03-16 6-04-16 8
Total No. of Instructional periods available for the course: 70 Hours / Periods
COURSE SCHEDULE
2015-16
Regulation: R12
SCHEDULE OF INSTRUCTIONS
2015-16
UNIT - I Regulation: R12
FACULTY DETAILS:
Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof
Department:: CSE
The Schedule for the whole Course / Subject is:: 11
SI.
No. of Objectives & References
Date Topics / Sub - Topics
Outcome (Text Book, Journal…)
No. Periods
Nos. Page No___ to ___
1
14-12-
15
1 Security attacks,( Interruption, Interception, Modification and Fabrication 1 1
T1
2
15-12-
15
1 Security Services (Confidentiality, Authentication ,Integrity, Non-repudiation, access control and Availability), and 1 1
T1
3
16-12-
15
1 Mechanisms,
1 1
T1
4
18-12-
15
1 A Model for Internetwork Security
1 1
T1
5
19-12-
15
1 Internet Standards and RFCs.
1 1
T1
6
21-12-
15
1 Buffer overflow
1 1
T2 T
2
7
22-12-
15
1 format string vulnerabilities
1 1
T2 T
2
8
23-12-
15
2 Secure hash functions and HMAC TCP
session hijacking 1 1
T2 T
2
9
26-12-
15
1 ARP attacks route table modifications
1 1
T2 T
2
10
28-12-
15
1 . UDP hijacking, and man-in-the-middle
attacks
1 1
T2 T
2
Signature of Faculty Date
Note: 1. ENSURE THAT ALL TOPICS SPECIFIED IN THE COURSE ARE MENTIONED. 2. ADDITIONAL TOPICS COVERED, IF ANY, MAY ALSO BE SPECIFIED BOLDLY. 3. MENTION THE CORRESPONDING COURSE OBJECTIVE AND OUT COME NUMBERS AGAINST EACH TOPIC.
SCHEDULE OF INSTRUCTIONS
2015-16
UNIT - II Regulation: R12
FACULTY DETAILS:
Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof
Department:: CSE
The Schedule for the whole Course / Subject is:: 10
SI.
No. of Objectives & References
Date Topics / Sub - Topics
Outcome (Text Book, Journal…)
No. Periods
Nos. Page No___ to ___
1 29 -12-15 1
Conventional Encryption Principles,
2 2
T1
2 30
-12--
15,1-16 2 Symmetric algorithms, DES
2 2
T1
3
2
&
4 -1-16 2
AES algorithms
2 2
T1
4 5 -1-16 1
RC4 algorithm
2 2
T1
5 6 -1-16 1
Cipher block modes of operation
2 2
T1
6 8 -1-16 1
Distribution approaches of Message Authentication.
2 2
T1
7 9 -1-16 1
location of encryption devices key
2 2
T1
8 11-1-16 1
Secure hash functions and HMAC
2 2
T1
Signature of Faculty Date
Note: 1. ENSURE THAT ALL TOPICS SPECIFIED IN THE COURSE ARE MENTIONED. 2. ADDITIONAL TOPICS COVERED, IF ANY, MAY ALSO BE SPECIFIED BOLDLY.
MENTION THE CORRESPONDING COURSE OBJECTIVE AND OUT COME NUMBERS AGAINST EACH TOPIC.
SCHEDULE OF INSTRUCTIONS
2015-16
UNIT - III Regulation: R12
FACULTY DETAILS:
Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof
Department:: CSE
The Schedule for the whole Course / Subject is:: 10
SI.
No. of Objectives & References
Date Topics / Sub - Topics
Outcome (Text Book, Journal…)
No. Periods
Nos. Page No___ to ___
1
12-01-
16 1
Public key cryptography principles
3 3
T1
2
13-01-
16 1
Public key cryptography algorithms ,RSA
3 3
T1
3
16,-01-
16 1 Diffie-Hellman Key Exchange algorithm
3 3
T1
4
18-01-
16 1 Elliptic-curve cryptography snd DSS
3 3
T1
5
19-01-
16 1 digital signatures& certificates
3 3
T1
6
20-01-
16 1 Key management &Certificate authority
3 3
T1
7
21,22,-
01-16 2 Kerberos ,versions
3 3
T1
8
23,25-
1-16 2
X.509 Directory authentication service.
3 3
T1
Signature of Faculty Date
Note: 1. ENSURE THAT ALL TOPICS SPECIFIED IN THE COURSE ARE MENTIONED. 2. ADDITIONAL TOPICS COVERED, IF ANY, MAY ALSO BE SPECIFIED BOLDLY.
MENTION THE CORRESPONDING COURSE OBJECTIVE AND OUT COME NUMBERS AGAINST EACH TOPIC.
SCHEDULE OF INSTRUCTIONS
2015-16
UNIT - IV Regulation: R12
FACULTY DETAILS:
Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof
Department:: CSE
The Schedule for the whole Course / Subject is:: 9
SI.
No. of Objectives & References
Date Topics / Sub - Topics
Outcome (Text Book, Journal…)
No. Periods
Nos. Page No___ to ___
1 27-1-16 1
Electronic mail security
PGP 4 4
T1 T
1
2 28-1-16 1
Pretty Good Privacy
4 4
T1 T
1
3 29-1-16 1
Pretty Good Privacy
4 4
T1 T
1
4
30,1/1-
16 2
s/mime
4 4
T1 T
1
5 2-2-16 1
S/MIME
4 4
T1 T
1
6 3-2-16 1
S/MIME
4 4
T1 T
1
7 5-2-16 1
PGP Revision
4 4
T1 T
1
8 6-2-16 1
S/MIME Revision
4 4
T1 T
1
Signature of Faculty Date
Note: 1. ENSURE THAT ALL TOPICS SPECIFIED IN THE COURSE ARE MENTIONED. 2. ADDITIONAL TOPICS COVERED, IF ANY, MAY ALSO BE SPECIFIED BOLDLY.
MENTION THE CORRESPONDING COURSE OBJECTIVE AND OUT COME NUMBERS AGAINST EACH TOPIC.
SCHEDULE OF INSTRUCTIONS
2015-16
UNIT - V Regulation: R12
FACULTY DETAILS:
Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof
Department:: CSE
The Schedule for the whole Course / Subject is:: 9
SI.
No. of Objectives & References
Date Topics / Sub - Topics
Outcome (Text Book, Journal…)
No. Periods
Nos. Page No___ to ___
1 15-2-16 1
IP Security Overview
5 5
T1
2 16-2-16 1
IP Security architecture
5 5
T1
3 17-2-16 1
Authentication Header
5 5
T1
4
19,20-
2-16 2 ESP
5 5
T1
5 22-2-16 1
5 5
T1
6 23-2-16 1
combining security associations
5 5
T1
7 24—16 1 Key Management, Oakley protocol
5 5
T1
8 26-2-16 1 ISAKMP
5 5
T1
Signature of Faculty Date
Note: 1. ENSURE THAT ALL TOPICS SPECIFIED IN THE COURSE ARE MENTIONED. 2. ADDITIONAL TOPICS COVERED, IF ANY, MAY ALSO BE SPECIFIED BOLDLY.
MENTION THE CORRESPONDING COURSE OBJECTIVE AND OUT COME NUMBERS AGAINST EACH TOPIC.
SCHEDULE OF INSTRUCTIONS
2015-16
UNIT - VI Regulation: R12
FACULTY DETAILS:
Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof
Department:: CSE
The Schedule for the whole Course / Subject is:: 8
SI.
No. of Objectives & References
Date Topics / Sub - Topics
Outcome (Text Book, Journal…)
No. Periods
Nos. Page No___ to ___
1 27-2-16 1
Web security requirements
6 6
T1
2 29-2-16 1
Secure Socket Layer (SSL)
6 6
T1
3 1-03-16 1
Secure Socket Layer (SSL)
6 6
T1
4 2-03-16 1 Handshake protocol
6 6
T1
5 4-03-16 1 TLS
6 6
T1
6 5-03-16 1 Secure Electronic Transaction, Overview
6 6
T1
7 8-03-16 1 Dual Signature
6 6
T1
8 9-03-16 1 Payment Processing
6 6
T1
Signature of Faculty Date
Note: 1. ENSURE THAT ALL TOPICS SPECIFIED IN THE COURSE ARE MENTIONED. 2. ADDITIONAL TOPICS COVERED, IF ANY, MAY ALSO BE SPECIFIED BOLDLY.
MENTION THE CORRESPONDING COURSE OBJECTIVE AND OUT COME NUMBERS AGAINST EACH TOPIC.
SCHEDULE OF INSTRUCTIONS
2015-16
UNIT - VII Regulation: R12
FACULTY DETAILS:
Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof
Department:: CSE
The Schedule for the whole Course / Subject is:: 9
SI.
No. of Objectives & References
Date Topics / Sub - Topics
Outcome (Text Book, Journal…)
No. Periods
Nos. Page No___ to ___
1 11-3-16 1
Basic concepts of SNMP
7 7
T1
2 14-3-16 1
SNMPv1,
7 7
T1
3 15-3-16 1
Community facility
7 7
T1
4 16-3-16 1
and SNMPv3
7 7
T1
5 17-3-14 1
Intruders,
7 7
T1
6 18-3-16 1
Password management
8 7
T1
7
19-
21,3-16 2
Viruses
9
T1
8 22-3-16 1
related threats
8 7
T1
Signature of Faculty Date
Note: 1. ENSURE THAT ALL TOPICS SPECIFIED IN THE COURSE ARE MENTIONED. 2. ADDITIONAL TOPICS COVERED, IF ANY, MAY ALSO BE SPECIFIED BOLDLY.
MENTION THE CORRESPONDING COURSE OBJECTIVE AND OUT COME NUMBERS AGAINST EACH TOPIC.
SCHEDULE OF INSTRUCTIONS
2015-16
UNIT - VIII Regulation: R12
FACULTY DETAILS:
Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof
Department:: CSE
The Schedule for the whole Course / Subject is:: 8
SI.
No. of Objectives & References
Date Topics / Sub - Topics
Outcome (Text Book, Journal…)
No. Periods
Nos. Page No___ to ___
1
26-03-
16 1 Firewall design principles
9 8
T1
2 28-3-16 1 Firewall design principles
10 9
T1
3 29-3-14 1 Trusted Systems
10 9
T1
4 30-3-16 1 Trojan Horse Defense
10 9
T1
5 1-4-16 1
Intrusion Detection Systems.
10 9
T1
6
2,4-4-
16 2
Intrusion Detection Systems
10 9
T1
7 6-4-16 1
Previous questions
10 9
T1
Signature of Faculty Date
Note: 1. ENSURE THAT ALL TOPICS SPECIFIED IN THE COURSE ARE MENTIONED. 2. ADDITIONAL TOPICS COVERED, IF ANY, MAY ALSO BE SPECIFIED BOLDLY.
MENTION THE CORRESPONDING COURSE OBJECTIVE AND OUT COME NUMBERS AGAINST EACH TOPIC.
COURSE COMPLETION STATUS
2015-16
Regulation: R12
FACULTY DETAILS:
Name of the Faculty:: B.Nageswara Rao
Subject:: Subject Code
Department::
Actual Date of Completion & Remarks, if any
Nos. of
Units Remarks Objectives
Achieved
Unit 1
Completed as per schedule 1
Unit 2 Completed as per schedule 2
Unit 3 Completed as per schedule 3
Unit 4 Completed as per schedule 4
5
Unit 5 Completed as per schedule 5
Unit 6 Completed as per schedule 6
Unit 7 7
Unit 8 8,9
Signature of Dean of School Signature of Faculty Date: Date:
NOTE: AFTER THE COMPLETION OF EACH UNIT MENTION THE NUMBER OF OBJECTIVES ACHIEVED.
FACULTY DETAILS:
Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof
Department:: CSE
The Schedule for the whole Course / Subject is::
Date:
This Tutorial corresponds to Unit Nos.I,II Time:
1.What is the OSI security architecture? 2.List and briefly define categories of passive and active security attacks. 3Explain the network security model.
4. What are the essentials ingredients of a symmetric cipher? 5. Compare DES, 3DES, and AES? 6. What is the difference between a session key and a master key? 7. What is the difference between a block cipher and a stream cipher? 8. What is the difference between a link and end to end encryption? 9. What are the advantages of key distributions?
Please write the Questions / Problems / Exercises which you would like to give to the students and also mention the
objectives to which these questions / Problems are related.
Signature of Dean of School Signature of Faculty Date: Date:
TUTORIAL SHEETS - I
2015-16
Regulation: R12
FACULTY DETAILS:
Name of the Faculty:: B.Nageswara Rao
Designation: Assoc.Prof
Department:: CSE
The Schedule for the whole Course / Subject is::
Date:
This Tutorial corresponds to Unit Nos. Time:
1. List three approaches to message authentication? 2. What is a message authentication code? 3. List HMCA Design objectives? 4. How is MA Different from HMAC?
5. Give examples of applications of IPSec. 6. what services are provided by IPSec? 7. List different encryption and authentication algorithms which are used for AH andESP. 8. what is a replay attack? 9. List disadvantages(weaknesses) of Diffie-Hellman key exchange algorithm. 10. .List and briefly define three classes of intruders. 11. .what is the different between statistical anomaly detection and rule-base intrusion detection? 12. List three design goals for a firewall.
Please write the Questions / Problems / Exercises which you would like to give to the students and also mention the
objectives to which these questions / Problems are related.
Signature of Dean of School Signature of Faculty Date: Date:
TUTORIAL SHEETS - II
2015-16
Regulation: R12
These verbs can also be used while framing questions for Continuous Assessment Examinations as well as for End – Semester (final) Examinations.
ILLUSTRATIVE VERBS FOR STATING GENERAL OBJECTIVES
Know Understand Analyze Generate
Comprehend Apply Design Evaluate
ILLUSTRATIVE VERBS FOR STATING SPECIFIC OBJECTIVES:
A. Cognitive Domain
1 2 3 4 5 6
Knowledge
Comprehension Application
Analysis
Synthesis Evaluation
Understanding
of knowledge & of whole w.r.t. its combination of judgement
comprehension
constituents ideas/constituents
Define Convert Change Breakdown Categorize Appraise
Identify Defend Compute Differentiate Combine Compare
Label Describe (a Demonstrate Discriminate Compile Conclude
List procedure) Deduce Distinguish Compose Contrast
Match Distinguish Manipulate Separate Create Criticize
Reproduce Estimate Modify Subdivide Devise Justify
Select Explain why/how Predict Design Interpret
State Extend Prepare Generate Support
Generalize Relate Organize
Give examples Show Plan
Illustrate Solve Rearrange
Infer Reconstruct
Summarize Reorganize
Revise
B. Affective Domain C. Psychomotor Domain (skill development)
Adhere Resolve Bend Dissect Insert Perform Straighten
Assist Select Calibrate Draw Keep Prepare Strengthen
Attend Serve Compress Extend Elongate Remove Time
Change Share Conduct Feed Limit Replace Transfer
Develop Connect File Manipulate Report Type
Help Convert Grow Move preciselyReset Weigh
Influence Decrease Handle Operate Run
Initiate Demonstrate Increase Paint Set
ILLUSTRATIVE VERBS
FOR STATING
INSTRUCTIONAL OBJECTIVES
2015-16
Regulation: R12
LESSON PLAN
Unit-1
2015-16
Regulation: R12
Name of the Faculty: B.NAGESWARARAO
Subject NS Subject Code ns
Unit 1
INSTRUCTIONAL OBJECTIVES: 11
On completion of this lesson the student shall be able to(Outcomes)
Unit 1 Learning Outcomes Upon successful completion of this unit, the student will be able to
.explain the meaning and importance of information security;
explain the ideas behind the basic security concepts as confidentiality, integrity,
and availability;
Session
No Topics to be covered
Time
Ref
Teaching
Method
1 Security attacks,( Interruption, Interception, Modification and Fabrication
50 minuts
T1 Black Board
2 Security Services (Confidentiality, Authentication ,Integrity, Non-repudiation, access control and Availability), and
50 T1 Black Board
3 Mechanisms, 50 T1 Black Board
4 A Model for Internetwork Security 50 T1 Black Board
5 Internet Standards and RFCs.
50 T1
Black
Board,PPT
6 Buffer overflow 50 T2 Black Board
7 format string vulnerabilities
50 T2
Black
Board,PPT
8 Secure hash functions and HMAC TCP session hijacking
50 T2 PPT
9 ARP attacks route table modifications 50 T2 Black Board
10 . UDP hijacking, and man-in-the-middle attacks
50 T2 Black Board
explain the concepts of data and network security as different aspects of
information security;
list the key objectives behind securing information and information systems; and
list some examples of information assets and associated threats.
ASSIGNMENT
Unit-I
2015-16
Regulation: R12
Assignment / Questions 1.What is the OSI security architecture? 2.List and briefly define categories of passive and active security attacks. 3Explain the network security model.
Signature of Faculty Note: Mention for each question the relevant objectives and outcomes.
LESSON PLAN
Unit-II
2015-16
Regulation: R12
Name of the Faculty: B.Nageswara Rao
Subject NS Subject Code NS
Unit II
INSTRUCTIONAL OBJECTIVES: 10
On completion of this lesson the student shall be able to
.
Upon successful completion of this unit, the student will be able to
describe the need for cryptographic algorithms in the context of overall information
security;
explain the steps in DES algorithm for encrypting data;
Sessio
n
No
Topics to be covered
Time
Ref
Teaching
Method
1 Conventional Encryption Principles,
50 Minuts
T1
Black
Board
2 Symmetric algorithms, DES 50 T1
Black
Board
3 AES algorithms
50 T1
Black
Board
4 RC4 algorithm
50 T1
Black
Board
6 Cipher block modes of operation
50 T1
Black
Board,PPT
7 Distribution approaches of Message Authentication. 50 T1
Black
Board
8 location of encryption devices key
50 T1
Black
Board,PPT
9 Secure hash functions and HMAC
50 T1 PPT
explain the steps in Triple DES algorithm for encrypting data; and
explain the steps in AES algorithm for encrypting data.
ASSIGNMENT
Unit-II
2015-16
Regulation: R12
Assignment / Questions
10. 1. What are the two basic functions used in encryption algorithms? 11. What are the essentials ingredients of a symmetric cipher? 12. Compare DES, 3DES, and AES? 13. What is the difference between a session key and a master key? 14. What is the difference between a block cipher and a stream cipher? 15. What is the difference between a link and end to end encryption? 16. What are the advantages of key distributions?
Signature of Faculty Note: Mention for each question the relevant objectives and outcomes.
LESSON PLAN
Unit-III
2015-16
Regulation: R12
Name of the Faculty: B.Nageswara Rao
Subject NS Subject Code NS
Unit III
INSTRUCTIONAL OBJECTIVES: 10
On completion of this lesson the student shall be able to(Outcomes)
Upon successful completion of this unit, the student will be able to
compare and contrast symmetric and asymmetric encryption algorithms;
explain the basic idea behind public-key-based asymmetric algorithms for
encryption-based security of information;
explain the steps in RSA public-key algorithm; and
Session
No Topics to be covered
Time
Ref
Teaching
Method
1 Public key cryptography principles
50 T1
Black
Board
2 Public key cryptography algorithms ,RSA
50 T1
Black
Board
3 Diffie-Hellman Key Exchange algorithm 50 T1
Black
Board
4 Elliptic-curve cryptography snd DSS 50 T1
Black
Board
5 digital signatures& certificates 50 T1
Black
Board,PPT
6 Key management &Certificate authority 50 T1
Black
Board
7 Kerberos ,versions 50 T1
Black
Board,PPT
8 X.509 Directory authentication service.
50 T1 PPT
9 Public-key Infrastructure 50 T1 Black Board
explain the steps in Diffie-Hellman public-key algorithm.
ASSIGNMENT
Unit-III
2015-16
Regulation: R12
Assignment / Questions
13. List three approaches to message authentication? 14. What is a message authentication code? 15. List HMCA Design objectives? 16. How is MA Different from HMAC? 17. What is the difference between a private key and a secret key? 18. What is the digital signature? 19. What is a public key certificate? 20. Explain different crypto algorithms where public key crypto systems are used?
Signature of Faculty Note: Mention for each question the relevant objectives and outcomes.
LESSON PLAN
Unit-IV
2015-16
Regulation: R12
Name of the Faculty: B.Nageswara Rao
Subject NS Subject Code
Unit IV
INSTRUCTIONAL OBJECTIVES: 9
On completion of this lesson the student shall be able to (Outcomes)
Upon successful completion of this unit, the student will be able to
. Explain how Pretty Good Privacy (PGP) secures data
explain the need for security protocols in the context of use with Internet-based
applications;
describe how S/MIME is an Internet standard approach to e-mail security that
incorporate the same functionality as PGP.
.
2.
Session
No Topics to be covered
Time
Ref
Teaching
Method
1 Electronic mail security
PGP
50 T1
Black
Board
2 Pretty Good Privacy 50 T1
Black
Board
3 Pretty Good Privacy 50 T1
Black
Board
4 s/mime 50 T1
Black
Board
5 S/MIME 50 T1
Black
Board,PPT
6 S/MIME 50 T1
Black
Board
7 PGP Revision 50 T1
Black
Board,PPT
8 S/MIME Revision 50 T1 PPT
Black Board
ASSIGNMENT
Unit-IV
2015-16
Regulation: R12
Assignment / Questions 1.What are the five principal services provided by PGP? 2. what is radix-64 conversion?How is it used for an e-mail application? 4 How does PGP provide public key management? 5.what is S/MIME
Signature of Faculty Note: Mention for each question the relevant objectives and outcomes.
LESSON PLAN
Unit-V
2015-16
Regulation: R12
Name of the Faculty: B.Nageswara Rao
Subject NS Subject Code
Unit V
INSTRUCTIONAL OBJECTIVES: 9
On completion of this lesson the student shall be able to (Outcomes)
explain the need for security protocols in the context of use with Internet-based
applications;
describe how Internet Protocol Security (IPSec) secures communications over the
Internet; and
explain how key management portion of IPSec involves the determation and
distribution of secret keys..
Describe how Authentication Header provides support for data integrity and
authentication of packets.
2.
ASSIGNMENT 2015-16
Session
No Topics to be covered
Time
Ref
Teaching
Method
1 IP Security Overview
50 T1
Black
Board
2 IP Security architecture
50 T1
Black
Board
3 Authentication Header
50 T1
Black
Board
4 ESP 50 T1
Black
Board
5 50 T1
Black
Board,PPT
6 combining security associations
50 T1
Black
Board
7 Key Management, Oakley protocol 50 T1
Black
Board,PPT
8 ISAKMP 50 T1 PPT
Unit-V
Regulation: R12
Assignment / Questions 1.Give examples of applications of IPSec. 2.what services are provided by IPSec? 3.List different encryption and authentication algorithms which are used for AH andESP. 4what is a replay attack? 5.List disadvantages(weaknesses) of Diffie-Hellman key exchange algorithm.
Signature of Faculty Note: Mention for each question the relevant objectives and outcomes.
LESSON PLAN
Unit-VI
2015-16
Regulation: R12
Name of the Faculty: B.Nageswara Rao
Subject NS Subject Code
Unit
INSTRUCTIONAL OBJECTIVES: 8
On completion of this lesson the student shall be able to (Outcomes)
.
Describe how Secure Sockets Layer (SSL) enables security of several internet-
based applications;
Describe how TLS enables security of several internet-based applications.
Describe how Secure electronic transaction (SET) is an open encryption and
security specification designed to protect credit card transactions on the Internet.
Session
No Topics to be covered
Time
Ref
Teaching
Method
1 Web security requirements
50 T1
Black
Board
2 Secure Socket Layer (SSL)
50 T1
Black
Board
3 Secure Socket Layer (SSL)
50 T1
Black
Board
4 Handshake protocol 50 T1
Black
Board
5 TLS 50 T1
Black
Board,PPT
6 Secure Electronic Transaction, Overview 50 T1
Black
Board
7 Dual Signature 50 T1
Black
Board,PPT
8 Payment Processing 50 T1 PPT
2.
ASSIGNMENT
Unit-VI
2015-16
Regulation: R12
Assignment / Questions 1List different alert codes of TLS protocol. 2. list the series of messages exchanged between client and server in handshake protocol. 3what services are provided by the SSL Record protocol? 4.what are the advantages of SET protocol? 5.what is adual signature and what is its purpose?
Signature of Faculty Note: Mention for each question the relevant objectives and outcomes.
LESSON PLAN
Unit-VII
2015-16
Regulation: R12
Name of the Faculty: B.Nageswara Rao
Subject NS Subject Code
Unit
INSTRUCTIONAL OBJECTIVES: 9
On completion of this lesson the student shall be able to
Explain the basic idea behind intrusion prevention systems and how they work; and
explain the basic idea behind intrusion detection
Explain the basic idea behind firewalls and how they work;
Describe how a virus can infects other programmes by modifying them.
Describe how a worm can replicate itself and send copies frim computet to
computer across networkconnections,and the worm usually performs unwated
fuctions.
Session
No Topics to be covered
Time
Ref
Teaching
Method
1 Basic concepts of SNMP
50 T1
Black
Board
2 SNMPv1,
50 T1
Black
Board
3 Community facility
50 T1
Black
Board
4 and SNMPv3
50 T1
Black
Board
5 Intruders,
50 T1
Black
Board,PPT
6 Password management
50 T1
Black
Board
7 Viruses
50 T1
Black
Board,PPT
8 and related threats
50 T1 PPT
ASSIGNMENT
Unit-VII
2015-16
Regulation: R12
Assignment / Questions 1.List and briefly define three classes of intruders. 2.what is the different between statistical anomaly detection and rule-base intrusion detection? 3.How are honeyport used for network security? 4.what are the different type of viruses. 5.what is a digital immune system?
Signature of Faculty Note: Mention for each question the relevant objectives and outcomes.
LESSON PLAN
Unit-VIII
2015-16
Regulation: R12
Name of the Faculty: B.Nageswara Rao
Subject NS Subject Code ns
Unit VIII
INSTRUCTIONAL OBJECTIVES: 8
On completion of this lesson the student shall be able to
explain the basic idea behind firewalls and how they work;
explain the basic idea behind intrusion detection Systems.
Session
No Topics to be covered
Time
Ref
Teaching
Method
1 Firewall design principles 50 T1
Black
Board
2 Firewall design principles 50 T1
Black
Board
3 Trusted Systems 50 T1
Black
Board
4 Trojan Horse Defense 50 T1
Black
Board
5 Intrusion Detection Systems.
50 T1
Black
Board,PPT
6 Intrusion Detection Systems
50 T1
Black
Board
7 Previous questions
50 T1
Black
Board,PPT
ASSIGNMENT
Unit-VIII
2015-16
Regulation: R12
Assignment / Questions 1.List three design goals for a firewall. 2.what is IP address spoofing, and how can it be prevented using firewalls? 3.what is an application-level gateway?
Signature of Faculty Note: Mention for each question the relevant objectives and outcomes.