Course in Information Security in Business: Privary, Trust and Control

At IIM-C we firmly believe that information is power. In the years to come the need for increased sharing of information will govern the changes in organizational structure. A basic understanding of information systems is thus mandatory. We endeavor to ensure that you drive the e-commerce revolution. These courses not only equip you with software tools but also impart an understanding of the hardware which will help you set design your own database. It's time you started your own dotcom at IIMC.

Course Objectives

To expose the students to the issues of privacy and security of information encountered in business operations performed within an organization, across organizations, between an organization and one or more persons, or among two or more people (B2B, B2C, C2C, etc.) who are separated by time, space and culture. To understand the risks arising due to wrong handling of security issues in managing information of a business which are always exposed to attacks by rival businesses or malicious users. To enable the student to measure the information security liability of a business (organization), to plan its security management, to formulate the security policy, to establish security procedures and practices, to develop a trust management system, to understand the impact of security failure to the organization and to estimate the costs of security failure to the business, to insure against possible security failures, and finally to plan a disaster recovery and business continuation. Also to understand various aspects of security with respect to different devices or systems such as mobile, wireless and ad hoc networks, grid (networks) and enterprise networks, sensor networks, smart card, RFID, and their impact or relation to the business at hand.
Course Content

Introduction; Cryptographic concepts; Information security in business: planning, control, management and policy; Identity management; Information risk management (including risk assessment); Trust modeling and trust management system; Disaster recovery and business continuation plan; Security insurance policy; Security of devices and systems: mobile / wireless / ad hoc / sensor networks; Grid computing security; Security issues for software development process (to protect against software vulnerability); Security related legal and ethical issues (including personal security).
Pedagogy

Lecture; Industry presentations; Topic presentations by students; Case discussions; and Project discussion and presentations (by students). This course aims to involve students in various facets of the course.