Master of Science in Information Security - MIS
Short description
Information technology permeates all aspects of society and has become critical to industry, government, and individual well-being. Securing these vital services and structures and the availability of trustworthy information whenever and wherever it is required has become both an area of intensive research and also of burgeoning commercial activity. A master of science in information security will provide the students with the knowledge and theoretical background as well as with the requisite skills and attitudes to succeed in this challenging yet eminently rewarding field.
Duration
This is a two-year master program (120 ECTS credits) which is also available part-time over three or four years. The degree awarded upon completion is “Master of Science in Information Security”.
The program has three tracks: management , technology and digital forensics . Students have to choose which track they pursue when entering the program (see the course structure below).
The program qualifies the students to proceed to Ph.D. studies.
Expected learning outcomes
Knowledge
- The candidate possesses advanced knowledge in the field of information security in general and the following particular topics: computer and network security, security management, incident response, security of critical information infrastructure and legal aspects of information security. The candidate possesses special insight and expertise in information security technology, digital forensics or security management, depending on the chosen program track.
- The candidate possesses thorough knowledge of academic theory and methods in the field of information security.
- The candidate is capable of applying knowledge in new areas within the field of information security.
- The candidate is familiar with current state-of-the-art in the field of information security.
- The candidate possesses thorough knowledge of scientific methodology, needed to plan and carry out research and development projects in the field of information security.
Skills
- The candidate is capable of analyzing existing theories, methods and interpretations of theories within the field of information security as well as solving theoretical and practical problems independently.
- The candidate is capable of using independently relevant methods in research and development in the field of information security. These methods include literature study, logical reasoning and performing scientific experiments together with interpreting their results.
- The candidate is capable of performing critical analysis of different information sources and applying the results of that analysis in academic reasoning and structuring and formulating scientific problems.
- The candidate is capable of completing an independent research and development project of moderate size under supervision (example: the master thesis), adhering to the current code of ethics in scientific research.
- The candidate is capable of carrying out a plan of a research project under supervision.
General competence
- The candidate is capable of analyzing academic, professional and research problems.
- The candidate is capable of using knowledge and skills to carry out advanced tasks and projects.
- The candidate is capable of imparting comprehensive independent work in the field of information security. The candidate also mastered the terminology in the field of information security.
- The candidate is capable of communicating academic issues, analysis and conclusions both with experts in the field of information security and with the general audience.
- The candidate is capable of contributing to innovation and innovation processes.
Internationalization
The students are allowed to travel abroad to do their master theses. The information security group has strong links to many of the leading international academic groups within the field, and the students are encouraged to contact their instructors in the course «Research project planning» to ask for relevant travel opportunities.
Target Group
There are three focus groups for this study program:
- Undergraduate students entering the program as a continuation of their bachelor degree without any prior work experience.
- Industry students (or students in the private/public sector in general) looking for a full-time or part-time master program, which is flexible and can be adapted to their employers' needs and their own individual needs.
- International students: full-time, part-time or exchange students arriving for single semesters only.
Admission Criteria
To qualify for admission, an applicant must have a bachelor degree in computer science or a related subject. The applicant must document that he/she has at least 9 ECTS credits in mathematics/statistics and at least 60 ECTS credits in computer science subjects at the bachelor level. A grade point average (GPA) of C is required. It is expected that within the credits mentioned above the following topics have been covered:
- Structural and object-oriented programming
- Algorithms and data structures
- Databases and XML
- Software engineering
- Computer networks (Data communication)
- Operating systems and computer architecture
Students who have not had a dedicated course in each of these topics need to be prepared for some extra studying when entering topics that require background knowledge, with which they are not sufficiently familiar beforehand.
Graduate studies in information security require a somewhat different mathematical platform than the one included in most bachelor studies. To master the theoretical topics included in the master program we therefore recommend that the students attend the preparatory courses in number theory and theoretical computer science offered during the first weeks of the fall semester.
Course Structure
The program is offered in a flexible manner to fit well to all the three target groups of students. In general, on-campus presence is required only three times per semester (1-3 days each time), for a start-up session, for mid-term exams/presentations (and a start-up session of the second part of the semester) and for final exams/presentations. Attendance is also strongly recommended for the initial first two weeks of the program when two preparatory intense short-courses in number theory and theoretical computer science are offered . All courses are available online, but there will also be sessions on a regular weekly or bi-weekly schedule. The presence on these sessions is not required.
More details for the upcoming year of study will be given here:
The program has three tracks (paths of study): management, technology and digital forensics. Students have to choose which track they pursue when entering the program. Common to all three tracks are the courses covering the core topics in both information security technology, forensics and management: introduction to cryptology, applied information security, network security, IT governance, information society and security, and legal aspects of information security. In addition, each track has a set of specific courses. Elective courses are freely chosen from the common pool of electives. The students have to choose their master thesis topics within their chosen tracks.
Ordinary mandatory courses from other tracks of the program and courses from the master program in media technology and the CIMET (Color in Informatics and Media Technology) master may be included as electives. Students can also use up to 20 ECTS of the courses at the 3000 level as a part of their master program. Some of the courses listed above can also be flexible regarding time, space and teaching format upon request by the students (typically, a course may be taken in a different semester through self-study and under individual or group supervision).
Master-level courses from other institutions may be included as electives or may substitute mandatory courses at the discretion of the program director.
The course structure for the part-time students may be composed individually as long the track-specific requirements mentioned above and any course inter-dependencies are respected. The most important course inter-dependencies are the following: 1. Students should start working on their master theses in the semester following the research project planning course, 2. All previous coursework has to be completed before starting work on the master thesis (an exception of 10 missing credits may be tolerated at the discretion of the director of the study program, but only if the missing credits are not relevant for the topic of the master thesis).
Study methods
Lectures
Exercises
Project work
Essay/Article writing
Independent study
Group exercises
Lab exercises
Technical Prerequisites
The students who choose to participate in the study program as distance students, need a relatively new computer and a broadband Internet connection. Software that is needed is mostly freely available on the Internet. In some courses commercial products, such as MatLab, are required.
As for the practical computer skills, it is expected that the students are capable of using any common operating system (GNU/Linux, Microsoft Windows, MacOS or Solaris) both with a graphical user interface and a command line interface.
The students who have not had a dedicated course on each of these topics should not worry. They just need to be prepared for a little bit of extra studying when entering topics that require background knowledge, with which they are not sufficiently familiar beforehand.
Graduate studies in information security require a somewhat different mathematical platform than the one included in most bachelor studies. To master the theoretical topics included in the master program we therefore recommend that the students attend the preparatory courses in number theory and theoretical computer science offered during the first two weeks of the fall semester.
Table of subjects
Master of Science in Information Security 2010-2012 Technology full-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||
|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | |||
| IMT4421 | Scientific Methodology | C | 5 | |||
| IMT4541 | Foundations of Information Security | C | 5 | |||
| IMT4532 | Cryptology 1 | C | 5 | |||
| IMT4552 | Cryptology 2 | C | 5 | |||
| IMT4571 | IT Governance | C | 5 | |||
| IMT4561 | Applied Information Security | C | 5 | |||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||
| IMT4581 | Network Security | C | 10 | |||
| IMT4481 | Information Society and Security | C | 5 | |||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| IMT4601 | Research Project Planning | C | 5 | |||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| IMT4904 | Master's Thesis | C | 30 | |||
| Sum: | 30 | 30 | 30 | 30 | ||
Master of Science in Information Security 2010-2012 Digital Forensics full-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||
|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | |||
| IMT4421 | Scientific Methodology | C | 5 | |||
| IMT4012 | Digital Forensics I | C | 5 | |||
| IMT4532 | Cryptology 1 | C | 5 | |||
| IMT4571 | IT Governance | C | 5 | |||
| IMT4561 | Applied Information Security | C | 5 | |||
| IMT4022 | Digital Forensics II | C | 10 | |||
| IMT4581 | Network Security | C | 10 | |||
| IMT4641 | Computational Forensics | C | 5 | |||
| IMT4612 | Machine Learning and Pattern Recognition I | C | 5 | |||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||
| IMT4601 | Research Project Planning | C | 5 | |||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| IMT4904 | Master's Thesis | C | 30 | |||
| Sum: | 25 | 35 | 30 | 30 | ||
Master of Science in Information Security 2010-2012 Management full-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||
|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | |||
| IMT4651 | Security as Continuous Improvement | C | 5 | |||
| IMT4661 | Security Management Dynamics | C | 5 | |||
| IMT4421 | Scientific Methodology | C | 5 | |||
| IMT4561 | Applied Information Security | C | 5 | |||
| IMT4532 | Cryptology 1 | C | 5 | |||
| IMT4571 | IT Governance | C | 5 | |||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||
| IMT4841 | Security Planning and Incident Management | C | 10 | |||
| IMT4581 | Network Security | C | 10 | |||
| IMT4481 | Information Society and Security | C | 5 | |||
| IMT4601 | Research Project Planning | C | 5 | |||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| Elective course, 5 ECTS | E | 5 | ||||
| IMT4904 | Master's Thesis | C | 30 | |||
| Sum: | 30 | 30 | 30 | 30 | ||
Master of Science in Information Security 2010-2013 Technology part-time track (three years)
| Coursecode | Course name | C/E *) | ECTS each. semester | |||||
|---|---|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | S5(A) | S6(S) | |||
| IMT4532 | Cryptology 1 | C | 5 | |||||
| IMT4552 | Cryptology 2 | C | 5 | |||||
| IMT4421 | Scientific Methodology | C | 5 | |||||
| IMT4571 | IT Governance | C | 5 | |||||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||||
| IMT4481 | Information Society and Security | C | 5 | |||||
| IMT4581 | Network Security | C | 10 | |||||
| IMT4601 | Research Project Planning | C | 5 | |||||
| IMT4541 | Foundations of Information Security | C | 5 | |||||
| IMT4561 | Applied Information Security | C | 5 | |||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| IMT4904 | Master's Thesis | C | 10 | 20 | ||||
| Sum: | 20 | 20 | 20 | 20 | 20 | 20 | ||
Master of Science in Information Security 2010-2013 Digital Forensics part-time track (three years)
| Coursecode | Course name | C/E *) | ECTS each. semester | |||||
|---|---|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | S5(A) | S6(S) | |||
| IMT4012 | Digital Forensics I | C | 5 | |||||
| IMT4561 | Applied Information Security | C | 5 | |||||
| IMT4532 | Cryptology 1 | C | 5 | |||||
| IMT4421 | Scientific Methodology | C | 5 | |||||
| IMT4581 | Network Security | C | 10 | |||||
| IMT4641 | Computational Forensics | C | 5 | |||||
| IMT4612 | Machine Learning and Pattern Recognition I | C | 5 | |||||
| IMT4571 | IT Governance | C | 5 | |||||
| IMT4601 | Research Project Planning | C | 5 | |||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| IMT4022 | Digital Forensics 2 | C | 10 | |||||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| IMT4904 | Master's Thesis | C | 10 | 20 | ||||
| Sum: | 20 | 20 | 20 | 20 | 20 | 20 | ||
Master of Science in Information Security 2010-2013 Management part-time track (three years)
| Coursecode | Course name | C/E *) | ECTS each. semester | |||||
|---|---|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | S5(A) | S6(S) | |||
| IMT4661 | Security Management Dynamics | C | 5 | |||||
| IMT4651 | Security as Continuous Improvement | C | 5 | |||||
| IMT4571 | IT Governance | C | 5 | |||||
| IMT4421 | Scientific Methodology | C | 5 | |||||
| IMT4591 | Legal Aspects of Information Security | C | 5 | |||||
| IMT4481 | Information Society and Security | C | 5 | |||||
| IMT4841 | Security Planning and Incident Management | C | 10 | |||||
| IMT4601 | Research Project Planning | C | 5 | |||||
| IMT4561 | Applied Information Security | C | 5 | |||||
| IMT4532 | Cryptology 1 | C | 5 | |||||
| Elective course, 5 ECTS | E | 5 | ||||||
| IMT4582 | Network Security | C | 10 | |||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| Elective course, 5 ECTS | E | 5 | ||||||
| IMT4904 | Master's Thesis | C | 10 | 20 | ||||
| Sum: | 20 | 20 | 20 | 20 | 20 | 20 | ||
Electives
| Coursecode | Course name | C/E *) | ECTS each. semester | |
|---|---|---|---|---|
| S1(A) | S2(S) | |||
| IMT4632 | Machine Learning and Pattern Recognition 2 | E | 5 | |
| IMT4671 | Organizational and Human Aspects of Information Security | E | 5 | |
| IMT4772 | Risk Management 2 | E | 5 | |
| IMT4741 | Intrusion detection and prevention | E | 5 | |
| IMT3761 | Information Warfare | E | 5 | |
| IMT3491 | Ethical Hacking and Penetration Testing | E | 5 | |
| IMT4722 | Behavioural Biometrics | E | 5 | |
| IMT3551 | Digital Forensics | E | 5 | |
| IMT4762 | Risk Management 1 | E | 5 | |
| IMT4751 | Wireless communication security | E | 5 | |
| IMT4881 | Specialization Course 1 | E | 5 | 5 |
| IMT4882 | Specialization Course 2 | E | 10 | 10 |
| IMT4612 | Machine Learning and Pattern Recognition 1 | E | 5 | |
| IMT4641 | Computational Forensics | E | 5 | |
| IMT3511 | Discrete Mathematics | E | 10 | |
| IMT4621 | Biometrics | E | 5 | |
| Sum: | 0 | 0 | ||