Master of Science in Information Security - MIS
Short description
Information technology permeates all aspects of society and has become critical to industry, government, and individual well-being. Securing these vital services and structures and the availability of trustworthy information whenever and wherever it is required has become both an area of intensive research and also of burgeoning commercial activity. A master of science in information security will provide the students with the knowledge and theoretical background as well as with the requisite skills and attitudes to succeed in this challenging yet eminently rewarding field.
Duration
This is a two-year master program (120 ECTS credits) which is also available part-time over three or four years. The degree awarded upon completion is “Master of Science in Information Security”.
The program has three tracks: management, technology and digital forensics. Students have to choose which track they pursue when entering the program (see the course structure below).
The program qualifies students to proceed to Ph.D. studies.
Expected learning outcomes
Upon completion of the programme, the students will have a solid understanding of the interdisciplinary field of information security. The graduated students will be proficient in core topics such as security management, computer and network security, incident responds and forensics, and will be able to understand the critical information infrastructures and the security aspects of important IT services which society depends on. The students will also have gained a particular in-depth understanding of either technology, forensics or management issues dependent on their chosen programme track.
The students will be capable of discussing main questions and issues in scientific thinking and will be able to frame research problems and questions. They will have experience in planning and conducting a scientific project and in documenting the results and scientific contributions in the form of a scientific report (through their master thesis).
Internationalization
Students can travel abroad to do their master thesis. The information security group has strong links to many of the leading international academic groups within the field, and students are encouraged to contact their instructor in the course «research project planning» to ask for relevant travel opportunities.
Target Group
There are three focus groups for this study programme:
1. Undergraduate students entering the programme as a continuation of their bachelor degree without any prior work experience.
2. Industry students (or students in private/public sector in general) looking for a full-time or part-time masters programme which is flexible and can be adapted to their employers needs and their own individual needs.
3. International students: full-time, part-time or exchange students arriving for only single semesters.
Admission Criteria
Applicants must have a bachelor degree in computer science or a related subject to qualify for admission. The applicants must document that they have at least 10 ECTS credits in mathematics/statistics and at least 60 ECTS credits in computer science subjects. A grade point average (GPA) of C is required. It is expected that within these credits the following topics have been covered:
- Structural and object-oriented programming
- Algorithms and data structures
- Databases and XML
- Software engineering
- Computer network (Data communication)
- Operating systems and computer architecture
Students who have not had a dedicated course in each of these topics need to be prepared for some extra studying when entering topics that require background knowledge with which they are not sufficiently familiar beforehand.
Graduate studies in information security require a somewhat different mathematical platform than the one included in most bachelor studies. To master the theoretical topics included in the master programme we therefore recommend that the students attend the preparatory courses in number theory and theoretical computer science offered during the first weeks of the fall semester.
Course Structure
The programme is offered in a flexible manner to fit well to all the three target groups of students. In general, on campus presence is required only three times per semester (1-3 days each time), for a start-up session, for mid-term exams/presentations (and a start-up session of second part of the semester) and for final exams/presentations. Attendance is also strongly recommended for the initial first two weeks of the programme when two preparatory intense short-courses in number theory and theoretical computer science are offered . All courses are available online, but there will also be sessions on a regular weekly or bi-weekly schedule. The presence on these sessions is not required.
More details for the upcoming year of study will be given here:
The program has three tracks (paths of study): management, technology and digital forensics. Students have to choose which track they pursue when entering the programme. Common to all three tracks are a set of courses covering the core topics in both information security technology, forensics and management: introduction to cryptology, applied information security, network security, IT governance, information society and security, and legal aspects of information security. In addition, each track has a set of specific courses and the students have to choose at least 15 credits of courses from the track-specific pool of electives. Students also have to choose their master thesis topic within their chosen track.
Ordinary mandatory courses from the other track of the programme and courses from the masters programme in media technology and the CIMET (Color in Informatics and Media Technology) master can be included as electives. Students can also use up to 20 ECTS of courses at the 3000 level as part of their master programme, and are particularly encouraged to browse the course offerings of the bachelor programmes in network and system administration, software engineering, and economics and management. Some of the courses listed above can also be mobile in time, space and teaching format upon request by students (typically a course can be taken in a different semester through self-study and individual or group supervision).
Master-level courses from other institutions can be included as electives or can substitute for mandatory courses at the discretion of the programme director.
The course structure for part-time students can be composed individually as long the track-specific requirements mentioned above and any course interdependencies are respected. The most important course interdependencies are the following: 1. Students should enter their master thesis in the semester following the research project planning course, 2. All previous course work has to be completed before entering the master thesis (an exception of 10 credits missing can be made at the discretion of the master thesis instructor, but only if the missing credits are not relevant for the topic of the master thesis).
Students entering the programme from the bachelors programme in information security will be offered greater flexibility in the course structure due to potential overlap with some of the contents in the bachelors programme.
Study methods
Lectures
Exercises
Project work
Essay/Article writing
Independent study
Group exercises
Lab exercises
Technical Prerequisites
Students, who choose to participate in the study program on distance, need a relatively new computer and a broadband Internet connection. Software that is needed is mostly freely available on the Internet. In some courses commercial products, such as MatLab, are required.
For practical computer skills, it is expected that students can use any common operating system (GNU/Linux, Microsoft Windows, MacOS or Solaris) both with a graphical user interface and a command line interface.
Students who have not had a dedicated course on each of these topics should not worry, they just need to be prepared for a little bit of extra studying when entering topics that require background knowledge with which they are not sufficiently familiar beforehand.
Graduate studies in information security requires a somewhat different mathematical platform than the one included in most bachelor studies. To master the theoretical topics included in the master programme we therefore recommend that you attend the preparatory courses in number theory and theoretical computer science offered during the first two weeks of the fall semester.
Table of subjects
Master of Science in Information Security 2010-2012 Technology full-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||
|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | |||
| IMT4421 | Scientific Methodology | C | 5 | |||
| IMT4541 | Foundations of Information Security | C | 5 | |||
| IMT4532 | Cryptology 1 | C | 5 | |||
| IMT4552 | Cryptology 2 | C | 5 | |||
| IMT4571 | IT Governance | C | 5 | |||
| IMT4561 | Applied Information Security | C | 5 | |||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||
| IMT4581 | Network Security | C | 10 | |||
| IMT4481 | Information Society and Security | C | 5 | |||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| IMT4601 | Research Project Planning | C | 5 | |||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| IMT4901 | Master's Thesis | C | 30 | |||
| Sum: | 30 | 30 | 30 | 30 | ||
Master of Science in Information Security 2010-2012 Digital Forensics full-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||
|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | |||
| IMT4421 | Scientific Methodology | C | 5 | |||
| IMT4012 | Digital Forensics I | C | 5 | |||
| IMT4532 | Cryptology 1 | C | 5 | |||
| IMT4571 | IT Governance | C | 5 | |||
| IMT4561 | Applied Information Security | C | 5 | |||
| IMT4022 | Digital Forensics II | C | 10 | |||
| IMT4581 | Network Security | C | 10 | |||
| IMT4641 | Computational Forensics | C | 5 | |||
| IMT4612 | Machine Learning and Pattern Recognition I | C | 5 | |||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||
| IMT4601 | Research Project Planning | C | 5 | |||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| IMT4901 | Master's Thesis | C | 30 | |||
| Sum: | 25 | 35 | 30 | 30 | ||
Master of Science in Information Security 2010-2012 Management full-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||
|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | |||
| IMT4651 | Security as Continuous Improvement | C | 5 | |||
| IMT4661 | Security Management Dynamics | C | 5 | |||
| IMT4421 | Scientific Methodology | C | 5 | |||
| IMT4561 | Applied Information Security | C | 5 | |||
| IMT4532 | Cryptology 1 | C | 5 | |||
| IMT4571 | IT Governance | C | 5 | |||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||
| IMT4841 | Security Planning and Incident Management | C | 10 | |||
| IMT4581 | Network Security | C | 10 | |||
| IMT4481 | Information Society and Security | C | 5 | |||
| IMT4601 | Research Project Planning | C | 5 | |||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| IMT4901 | Master's Thesis | C | 30 | |||
| Sum: | 30 | 30 | 30 | 30 | ||
Master of Science in Information Security 2010-2013 Technology part-time track (three years)
| Coursecode | Course name | C/E *) | ECTS each. semester | |||||
|---|---|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | S5(A) | S6(S) | |||
| IMT4532 | Cryptology 1 | C | 5 | |||||
| IMT4552 | Cryptology 2 | C | 5 | |||||
| IMT4421 | Scientific Methodology | C | 5 | |||||
| IMT4571 | IT Governance | C | 5 | |||||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||||
| IMT4481 | Information Society and Security | C | 5 | |||||
| IMT4581 | Network Security | C | 10 | |||||
| IMT4601 | Research Project Planning | C | 5 | |||||
| IMT4541 | Foundations of Information Security | C | 5 | |||||
| IMT4561 | Applied Information Security | C | 5 | |||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| IMT4904 | Master's Thesis | C | 10 | 20 | ||||
| Sum: | 20 | 20 | 20 | 20 | 20 | 20 | ||
Master of Science in Information Security 2010-2013 Digital Forensics part-time track (three years)
| Coursecode | Course name | C/E *) | ECTS each. semester | |||||
|---|---|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | S5(A) | S6(S) | |||
| IMT4012 | Digital Forensics I | C | 5 | |||||
| IMT4561 | Applied Information Security | C | 5 | |||||
| IMT4532 | Cryptology 1 | C | 5 | |||||
| IMT4421 | Scientific Methodology | C | 5 | |||||
| IMT4581 | Network Security | C | 10 | |||||
| IMT4641 | Computational Forensics | C | 5 | |||||
| IMT4612 | Machine Learning and Pattern Recognition I | C | 5 | |||||
| IMT4571 | IT Governance | C | 5 | |||||
| IMT4601 | Research Project Planning | C | 5 | |||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| IMT4022 | Digital Forensics II | C | 10 | |||||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| IMT4904 | Master's Thesis | C | 10 | 20 | ||||
| Sum: | 20 | 20 | 20 | 20 | 20 | 20 | ||
Master of Science in Information Security 2010-2013 Management part-time track (three years)
| Coursecode | Course name | C/E *) | ECTS each. semester | |||||
|---|---|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | S5(A) | S6(S) | |||
| IMT4661 | Security Management Dynamics | C | 5 | |||||
| IMT4651 | Security as Continuous Improvement | C | 5 | |||||
| IMT4571 | IT Governance | C | 5 | |||||
| IMT4421 | Scientific Methodology | C | 5 | |||||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||||
| IMT4481 | Information Society and Security | C | 5 | |||||
| IMT4841 | Security Planning and Incident Management | C | 10 | |||||
| IMT4601 | Research Project Planning | C | 5 | |||||
| IMT4561 | Applied Information Security | C | 5 | |||||
| IMT4532 | Cryptology 1 | C | 5 | |||||
| Elective course, 5 ECTS | E | 5 | ||||||
| IMT4581 | Network Security | C | 10 | |||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| IMT4904 | Master's Thesis | C | 10 | 20 | ||||
| Sum: | 20 | 20 | 20 | 20 | 20 | 20 | ||
Electives
| Coursecode | Course name | C/E *) | ECTS each. semester | |
|---|---|---|---|---|
| S1(A) | S2(S) | |||
| IMT3491 | Ethical Hacking and Penetration Testing | E | 5 | |
| IMT3761 | Information Warfare | E | 5 | |
| IMT3551 | Digital Forensics | E | 5 | |
| IMT4882 | Specialization Course II | E | 10 | 10 |
| IMT4721 | Authentication | E | 5 | |
| IMT4632 | Machine Learning and Pattern Recognition II | E | 5 | |
| IMT4671 | Organizational and Human Aspects of Information Security | E | 5 | |
| IMT4772 | Risk Management II | E | 5 | |
| IMT4881 | Specialization Course | E | 5 | 5 |
| IMT4741 | Intrusion detection and prevention | E | 5 | |
| IMT4751 | Wireless communication security | E | 5 | |
| IMT4762 | Risk Management I | E | 5 | |
| IMT3511 | Discrete Mathematics | E | 10 | |
| IMT4621 | Biometrics | E | 5 | |
| IMT4612 | Machine Learning and Pattern Recognition I | E | 5 | |
| IMT4641 | Computational Forensics | E | 5 | |
| Sum: | 0 | 0 | ||