University of Gujrat

Faculty of Computingand Information Technology

Title Information Security

Code CS-324
Credit Hours 3
Prerequisite Data Communication and Networking, System and Network Administration
Category Information Technology - Core
Aims and Objectives  The course will provide the student with an understanding of the principles of information security
management that are commonly used in business.
 It will introduce the student to commonly used frameworks and methods and explore critically the
suitability and appropriateness of these for addressing today's organizational security needs.
Learning Outcomes  The successful participant will:

 have an understanding of the key themes and principles of information security management and be
able to apply these principles in designing solutions to managing security risks effectively;
 understand how to apply the principles of information security management in a variety of contexts;
 have an appreciation of the interrelationship between the various elements of information security
management and its role in protecting organizations.
Reference Material  1. W. Stallings and W. Stallings, “Cryptography and network security”. Upper Saddle
River, N.J.: Prentice Hall, 1999.
2. M. Whitman and H. Mattord, “Principles of information security” Boston, Mass.:
Thomson Course Technology, 2003.
3. M. Bishop, “Introduction to computer security”, Boston: Addison-Wesley, 2005.
 Lecture Slides Provided by Instructor
 Marks in Letter Grade Numeric Value of Grade Description
Percentage
85 and above A+ 4.00 Exceptional
80-84 A 3.70 Outstanding
75-79 B+ 3.40 Excellent
Grading System 70-74 B 3.00 Very Good
65-69 B- 2.50 Good
60-64 C+ 2.00 Average
55-59 C 1.50 Satisfactory
50-54 D 1.00 Pass
49 and below F 0.0 Fail
W Withdrawal
I Incomplete

Class Attendance A minimum of 70% attendance is required for a student to be eligible to sit in the finalexamination

A. W. Stallings and W. Stallings, “Cryptography and network security”. Upper Saddle

River, N.J.: Prentice Hall, 1999.
Text Book B. W. Stallings and W. Stallings, “network security essential”.
C. M. Whitman and H. Mattord, “Principles of information security” Boston, Mass.:
Thomson Course Technology, 2003
Course Instructor Mujahid Afzal

Note: Attendance will not carry any marks; rather it will be a prerequisite to sit in paper
Week Lectures Topics Recommendations for Learning Activities
Source(Book-
Chapter No) (Mention Assignments, Test, Quizzes, Practical, Case Study, Projects,
Lab Work or Reading Assignments)
1 1  Basic notions of confidentiality, integrity, CH-1 – Book A
availability
2  Model of Info Security, Types of Attacks CH-1 – Book A
2 3  Classical Encryption Techniques, CH-2 – Book A
Symmetric Encryption Principals
4  Substitution techniques, CH-2 – Book A
 Caesar Cipher
 Monoalphabetic Ciphers
3 5  Playfair Cipher CH-2– Book A Assignment 1
 Hill Cipher
 Polyalphabetic Ciphers
6  Transposition Techniques CH-2– Book A
Quiz 1
4 7  Block Cipher Principles CH-3 – Book A
 Stream Ciphers and Block Ciphers
Motivation for the Feistel Cipher Structure
 The Feistel Cipher
8  The Data Encryption Standard CH-3– Book A
 DES Encryption
 DES Decryption
5 9  A Des Example Ch-3 – Book A
 Results
 The Avalanche Effect
 The Strength of Des
 The Use of 56-Bit Keys
 The Nature of the DES Algorithm
 Timing Attacks
 10  Differential and Linear Cryptanalysis CH-3– Book A
 Differential Cryptanalysis
 Linear Cryptanalysis
 Block Cipher Design Principles
 DES Design Criteria
 Number of Rounds
 Design of Function F
 Key Schedule Algorithm
6 11  Multiple Encryption and Triple DES CH-6 – Book A
Assignment 2
 Double DES
 Triple DES with Two Keys
 Triple DES with Three Keys
12  Electronic Code Book CH-6– Book A
Quiz 2
 Cipher Block Chaining Mode
7 13  Cipher Feedback Mode CH-6– Book A
 Output Feedback Mode
 Counter Mode
14  Principles of Public-Key Cryptosystems CH-9-– Book A
 Public-Key Cryptosystems
 Applications for Public-Key
Cryptosystems
 Requirements for Public-Key
Cryptography
 Public-Key Cryptanalysis
8 15 Revision
16 Midterm Exam
9 17  The RSA Algorithm CH-8– Book A
 Description of the Algorithm
 Computational Aspects
 The Security of RSA
18  Applications of Cryptographic Hash CH-11 – Book A
Functions
 Message Authentication
10 19 CH-11 – Book A
 Digital Signatures
 Properties
20  Attacks and Forgeries CH-8 – Book A
 Digital Signature Requirements
 Direct Digital Signature
11 21  Symmetric Key Distribution Using CH-14 – Book A
Symmetric Encryption
22  laws, regulations, and professional CH-3 – Book C
organizationsin information security
• Explain the differences between laws and ethics
12 23  Role of access control in computer-based CH-6 – Book C Quiz 3
information systems, and identifyand
discuss widely used authentication factors
24  Various approaches to control remote and CH-6 – Book C Assignment 3
dial-up access by authenticating
andauthorizing users
13 25  Relationship between information security CH-9 – Book c
and physical security
 key physical security considerations
26  Requirements needed to ensure the privacy CH-11 – Book C
of personnel data Quiz 4
14 27  Identify and describe the categories and CH-11 – Book A
models of intrusion detection and Assignment 4
prevention systems
28  The detection approaches employed by CH-7 – Book C
modern intrusion detection and prevention
systems
15 29  Define risk management, risk CH-5 – Book C
identification, and risk control
30 • Describe how risk is identified and assessed CH-5 – Book C
16 31 Log Maintenance Final Presentation
32 Discussion Discussion
Critical Discussion and Review of Content Studied