Graduate

Secure Computing MS Requirements

The M.S. in Secure Computing offers an interdisciplinary focus that combines coursework in mathematics, protocol analysis, and system and network security, with business and economics, social engineering, human-computer interaction, and other disciplines. In addition, students choose a concentration in financial risk, computer science, criminal justice, or security education.

Curriculum

A total of 36 credit hours is required for this degree. With the approval of the director of graduate studies in informatics, a professional internship may be substituted for the applied security course requirements.

Computing and Network Foundations

These courses ensure that students have a firm grasp of information systems. Students need to take 9 credit hours from the following list of courses. Note that not all courses are offered every semester, or even every year. Students must satisfy a networking and operating system requirement, either by taking one of (CSCI P436/CSCI P536) for operating systems and one of (CSCI P438/CSCI P538) for networking. Students who have previously taken such courses in prior studies can ask to be exempted from taking these specific courses, but must still take 9 credit hours in the area.

Secure Computing Core

These courses ensure that students have a firm grasp of the fundamental ideas, skills, models and tools of information security. Students need to take 12 credit hours from the following list of courses. Students must take I520 and I533 for 6 of these core credits. This ensures that students get a well-rounded background in Secure Computing. Note that not all courses are offered every semester, or even every year (with the exception of I520 and I533, which are offered every year).

Note that I590 is a “Topics” course, which means many different courses are offered under this course listing. This course may be taken multiple times to satisfy credit hours in this area so long as the courses are taught by core program faculty, or 2) You have the approval of the program director. If you have any concerns, please check with the graduate office.

Applied Security & Professional Practice

The goal of these credits is to ensure that you have the opportunity to practice skills in an applied and preferably professional setting. Our goal is for most students to be able to have internships in organizations where they will be exposed to some practical aspect of information security in a day-to-day manner. The School’s Career Services group is an excellent resource that is useful in helping students find internships. We recommend that you start early. You need to start thinking about this in your first weeks! Please see the section on Career Services later in this document for contact and other useful information. Each 10-hour per week internship over a semester/summer provides 1 credit hour. Security students are highly sought as paid interns; and it is not unusual for summer internship courses to provide both income and 4 hours of degree credit. A student may take a maximum of two internships, for a maximum of 6 credit hours. Further, a student may work no more than 40 hours per week for credit. Beyond an internship, students may also satisfy their Applied Security & Professional Practice credit requirements through specific course (listed below). Finally, if a student is working with a particular faculty on a research project, then an independent study may also be possible. Please note that faculty are not obligated to supervise independent studies.

Electives

The remaining credits are electives. There are three ways these credits are typically used to take courses that: 1) buttress weaknesses in your incoming education, 2) are in an area related to information security that are (frequently) outside of the school which we think of as concentrations, and 3) are traditional electives; courses which are simply of general interest to the student. It is important to note that unless you have the program director’s permission for a specific course beforehand, all electives credit must be at the 500 level or higher.

Buttressing Weaknesses

Many students coming from less technical backgrounds need exposure to programming, so that they can succeed in our technical courses. Similarly, some students find that they need a course in probability or statistics to prepare themselves for courses related to cryptography. In contrast, many technical students need help with their writing, and look to take courses related to professional or technical writing, or writing in English as a second language. To the degree possible, the need for such courses should be identified early in your studies. If you have concerns about your background, they should be discussed with the Program Director during your initial course planning meeting.

Example Courses of Study

Students entering secure computing may be joining the program from a technical or social science background. The following courses of study present examples of two different paths for people entering with different strengths and interests.

Example 1: An Arriving Computer Science Student

Imagine a student arriving with a BSc in computer science. That student has previously taken a course in networking, but never in operating systems. The student’s mathematics background is weak, so she decides to take a probability course in math to help prepare for her course in cryptography. She also has an interest in Data Mining, which she has found intersects nicely with Information Security, and so she uses her last two electives on those. She found summer employment penetration testing in the security field, working full time, so she is able to finish her professional practice over the summer.

1st semester 2nd semester Summer 3rd semester 4th semester
Security Core INFO 537 Economics of Security INFO 538 Crypto INFO 520 Network Security INFO 533 Information Assurance
Application and Professional Practice Network Admin (3) Professional Internship I591
Computing Foundations B534 P436 P438
Electives Intro Programming Business Risk Business Modeling
Example 2: An arriving Economics Student
The student arrives. The student has never programmed, but has a casual understanding of computers. Having taken economics, the student has a strong mathematics background. Thus, the student takes an introductory course on programming and data structures, and an applied course on systems administration in his first year to improve his computing skills, while concurrently taking mathematical and organizational security courses. In the second year, he takes the more technical and required security core courses, as well as foundational courses on computing. He uses his remaining electives to pursue some security related courses from the business school. 8 of 23
1st semester 2nd semester Summer 3rd semester 4th semester
Security Core INFO 525 INFO 520 INFO 533 (Systems Assrnc) INFO 538 (Crypto)
Application and Professional Practice Professional Internship I591 (x2)
Computing Foundations P534 (Pervasive) P538 (Networks) P436 (Operating Sys)
Electives Probability Data Mining I Data Mining II

Further information is available in the Secure Computing Handbook.