Calendar

MSc in Information Security

MSc in Information Security

The MSc in Information Security program is targeted for students with various backgrounds such as graduates of Computer Science, Computer Engineering, Electronic engineering, Communication engineering, Information Technology, Mathematics, or other pertinent specializations.

The program starts with common core courses that cover essential Information Security topics and later branches into three themes that allow the students to choose an area of specialisation. Subsequently, there are electives which cover extra topics to broaden the student’s knowledge in areas not covered in the core. Finally, the candidates work on a MSc project on their chosen area. The project may be undertaken in several topics corresponding to the focus areas identified by the relevant supervisors. Alternatively, where applicable, students may propose project topics of their own or work on solving problems of their respective sponsoring organisations.

The MSc in Information Security program is mainly targeted to meet the workforce need of Information Security professionals in the country and the region. The Program offers strong employment and career development prospects for graduates in the aforementioned areas and many others. The skills developed in graduates are particularly attractive to entities where information security is crucial such as financial institutions, telecom operators, law enforcement agencies, and software development houses.

Program Chair  

Professor Ernesto Damiani 

Department of Electrical and Computer Engineering

Program Goals

The goals of the program are to produce graduates who:

• Advance professionally and are recognized as leaders in their chosen fields.
• Apply their technical expertise to address the needs of society in critical, creative, ethical, and innovative manner.
• Further develop their knowledge and skills through graduate education and professional schools.

Program Outcomes

A student graduating with the MSc in Information Security program will be able to:

• Identify, formulate, and solve advanced information security problems through the application of advanced knowledge of information security.
• Acquire knowledge of contemporary issues and demonstrate an advanced level of understanding in the field of information security.
• Design and conduct experiments, as well as analyze, interpret data and make decisions.
• Conduct research in a chosen area of specialization, document and defend the research results.
• Use techniques and modern tools necessary for information security practice.
• Function on teams and communicate effectively.
• Understand professional and ethical responsibilities.

 

 

The university general graduate studies admission requirements apply for admission to the MSc in Information Security program. Please note that admission into the MSc in Information Security program is open to UAE Nationals only.

Bachelor degrees relevant for admission to the program are Electrical engineering, Electronic engineering, Communication engineering, Computer engineering, Computer science, Information Technology, or Mathematics. Candidates with degrees in other pertinent specializations may also be considered. In such cases, candidates will be asked to submit course descriptions along with their transcripts.

Duration of study

The minimum period of study will be 1.5 years (3 regular semesters) from the date of first registration in the case of full-time registration and 2.5 years (5 regular semesters) from the date of first registration in the case of part-time registration.

The maximum period of study will be 2 years (4 regular semesters) from the date of first registration in the case of full-time registration and 3 years (6 regular semesters) from the date of first registration in the case of part-time registration. In exceptional cases, an extension of registration may be granted.

Program Components

The MSc in Information Security is equivalent to 36 credit-hours. The program consists of two main components:

  • Taught Courses Component: in this component the student is required to complete a program of advanced study in information security. This component is equivalent to 24 credit-hours and consists of 8 courses, with 3 credit-hours each, and the research seminar course, which has a zero credit rating. The 8 courses (24 credit-hours) are: 4 core courses (12 credit-hours), 2 theme courses (6 credit-hours) and 2 optional courses (6 credit-hours) selected from a list of electives. The taught courses component contributes 2/3 of the overall graduation grade point average.
  • Thesis Component: in this component the student is required to carry out an independent thesis in information security. This component is equivalent to 12 credit-hours (4 courses) and as such contributes 1/3 of the overall graduation grade point average.

Core Courses (12 credit-hours) 

Course Code Course Name Credits
ISEC 614 Mathematics for Information Security 3
ISEC 602 Introduction to Cryptography 3
ISEC 615 Computer and Network Security 3

ISEC 601

 

ISEC 616

Information Security Management (for E-Business Security and Digital Forensics themes)

or

Algebra for Cryptology (for the Cryptology theme)

3

ENGR 695

Seminar in Research Methods

0

Theme Courses (6 credit-hours)

Theme Course Code Course Name Credits
E-Business Security ISEC 605 Web and E-Business Security 3
  ISEC 606 Software and Database Security 3
Digital Forensics ISEC 607 Advanced Operating Systems 3
  ISEC 608 E-Forensics and Computer Crime 3
Cryptology ISEC 611 Advanced Cryptography 3
  ISEC 617 Cryptanalysis 3

Optional Elective Courses (6 credit-hours)

Course Code Course Title Credits
ISEC 609 Wireless Networks and Mobile Security 3
ISEC 610 Identity Management 3
ISEC 612 Trusted Computing 3
ISEC 618 Cryptographic Algorithm Design 3
ISEC 619 Information and Coding Theory 3
ISEC 620 Cryptographic Hardware and Embedding 3
ISEC 621 Hardware and System Architecture Security 3

ISEC Master's Thesis (12 credits) 

A student must complete a Master's thesis that involves creative research oriented work within the field of information security under the direct supervision of at least one full-time faculty advisor. The research findings must be documented in a formal thesis and defended successfully in a viva voce examination. 

ISEC 601 – Information Security Management (3-0-3) 

Prerequisite – None

This course provides an introduction to the Information Security Environment. Topics covered include the need for information security, management techniques, tools and applications. Security strategy, architecture, policy and standards are also addressed together with security audits, ethics and the law and regulatory issues. 

ISEC 602 – Introduction to Cryptography (3-0-3)

Prerequisite – None

This course provides an introduction to cryptography that covers the history of classical and modern cryptography. The topics covered include the cryptographic services of authentication, data integrity, confidentiality and non-repudiation. Also covered are cryptographic ciphers, authentication and integrity algorithms, protocols, and public key infrastructures. 

ISEC 605 – Web and E-Business Security (3-0-3)

Prerequisite – Information Security Management (ISEC 601), Introduction to Cryptography (ISEC 602), Mathematics for Information Security (ISEC 614) and Computer and Network Security (ISEC 615), Co-Requisite: Software and Database Security (ISEC 606)

This course covers the topics of web server security, content security and E-Business security, digital certificates including identification techniques, certificate authorities and code signing, E-Business continuity and the legal and privacy issues of E-Business. 

ISEC 606 – Software and Database Security (3-0-3)

Prerequisite – Information Security Management (ISEC 601), Introduction to Cryptography (ISEC 602), Mathematics for Information Security (ISEC614) and Computer and Network Security (ISEC 615), Co-Requisite: Web and E-Business Security (ISEC 605)

This course covers the topics of the fundamentals of software security, Risk management frameworks, penetration testing, security operations, enterprise security measures, secure development cycles, access control and authentication, secure database connectivity, database auditing and encryption.

ISEC 607 – Operating Systems Security (3-0-3)

Prerequisite – Computer and Network Security (ISEC 615)

This course covers issues in operating system (OS) design including Processes and Threads, Scheduling goals, scheduling methods and security and scheduling, Synchronization and Deadlocks, Virtual Memory, Atomic Transactions, File Systems and Distributed Systems and OS Security.

ISEC 608 – E-Forensics and Computer Crime (3-0-3)

Prerequisite – Introduction to Cryptography (ISEC 601)

Co-Requisite: Operating Systems Security (ISEC 607)

This course covers the topics of computer crimes, security awareness and the need for digital forensics. The course also covers the topics of computer evidence, presenting evidence in court, media forensics, the digital forensic process, data analysis, mobile and real time forensics and explores a number of the current digital forensic tools. 

ISEC 609 – Wireless Networks and Mobile Security (3-0-3)

Prerequisite – Introduction to Cryptography (ISEC 602) and  Computer and Network  Security (ISEC 615)

This course covers the fundamentals of security issues related to wireless networks and mobile environments such as WLAN, WPAN, GSM, 3G and ubiquitous network. The students will not only need to identify sources of security threats of mobile environment and evaluate the strength of various existing security but also design standard authentication and security mechanism for wireless and mobile communication environments. 

ISEC 610 – Identity Management (3-0-3)

Prerequisite – Introduction to Cryptography (ISEC 602)

This course will give students an understanding and the insight of the current standards, technologies, and widely used approaches for Identity Management such as IdM systems and their life cycle. Also, students will assess security risks involved in IdM systems and plan a customized IdM system based on an enterprise need. 

ISEC 611 – Advanced Cryptography (3-0-3)

Prerequisite – Introduction to Cryptography (ISEC 602), Algebra for Cryptology (ISEC 616)

In this course students will learn advanced concepts and techniques pertaining to Cryptography and data security such as complexity of computation, block ciphers, stream ciphers, cryptographic hash functions, public key cryptography and quantum cryptography. The students will evaluate strength and weakness of various security protocols as well as standard authentication protocols for real communication environments. 

ISEC 612 – Trusted Computing (3-0-3)

Prerequisite – Computer and Network Security (ISEC 615)

This course provides students with an understanding of the principles behind trusted computing and what it can do to improve system and user security. Topics include: Introduction to trusted computing, Trusted Computing Technology, Direct Anonymous Attestation (DAA), Single-Sign-On (SSO), Contemporary issues of Trusted Computing, and the Future of Trusted Computing. 

ISEC 613 – MSc in Information Security Project (0-12-12)

Prerequisite – Pass all core courses; Good academic standing; Approval of the MSc in Information Security program chair

Each student will undertake a major individual thesis work in the area of Information Security. The student will demonstrate a high level of understanding and specialization in the thesis area by undertaking a specific item of research. Each student will develop their project schedule, technical writing, and technical presentation skills by delivering three documentations and presentations as follows: Thesis Proposal and Initial Presentation, Progress Report and Interim Presentation, and Thesis and Final Presentation 

ISEC 614 – Mathematics for Information Security (3-0-3)

Prerequisite – None

On this course students will learn the basic definitions and theories of abstract algebra, number theory, probability and statistics that are appropriate to the field of information security. The students will be able to apply these basic mathematical concepts of abstract algebra, number theory and probability to the areas of information security and cryptography. 

ISEC 615 – Computer and Network Security (3-0-3)

Prerequisite – None

This course provides the student with the concepts of securing modern computer systems and networks and knowledge of how to address common problems that lead to computer and network insecurity. Topics include: computer and network principles, authentication, authorization, integrity, confidentiality, vulnerability assessment and management, malicious code and threats, firewalls and network security devices. 

ISEC 616 – Algebra for Cryptology (3-0-3)

Prerequisite – ISEC 614 Mathematics for Information Security

This course provides the student with notions of algebraic structures to work in the field of Cryptology and Information Assurance. Topics include: linear algebra, vector spaces, group theory, field theory and primitive polynomials. 

ISEC 617 – Cryptanalysis (3-0-3)

Prerequisite – Introduction to Cryptography (ISEC 602), and Algebra for Cryptology (ISEC 616)

This course provides the student with an understanding of the vulnerabilities of cryptosystems and how to improve system and user security. Topics include attacks on classic ciphers, linear and differential cryptanalysis, fast correlation attacks on stream ciphers, algebraic attacks on AES, different factoring and discrete log algorithms and side channel attacks. 

ISEC 618 – Cryptographic Algorithm Design (3-0-3)

Prerequisite – Introduction to Cryptography (ISEC 602), Mathematics for Information Security (ISEC 614)

This course provides the student with an understanding of cryptographic algorithms and the corresponding complexity analysis. Topics include: computationally hard problems, Boolean functions, elliptic curve cryptography implementations, properties and constructions of hash functions and quantum algorithms. 

ISEC 619 – Information and Coding Theory (3-0-3)

Prerequisite – Introduction to Cryptography (ISEC 602), and Algebra for Cryptology (ISEC 616)

This course provides the student with a good understanding of Information Theory and its applications in the field of Error Correction. Topics include: entropy, algorithms over binary finite fields, channel models, coding theory. 

ISEC 620 – Cryptographic Hardware Design (3-0-3)

Prerequisite – Introduction to Cryptography (ISEC 602)

This course provides the student with a good understanding of Cryptographic Hardware and Embedding. Topics include: Digital system design with an overview of VHDL, the basic building blocks of Cryptography, mathematical preliminaries, the design of binary finite field computation units, the implementation of hash functions, block cipher hardware design and asymmetric cryptographic hardware design. 

ISEC 621 – Hardware and System Architecture Security (3-0-3)

Co-requisite: Advanced Cryptography (ISEC 611), Cryptanalysis (ISEC 617), Cryptographic Hardware Design (ISEC 620)

This course provides the student with a good understanding of hardware and system architecture Security: hardware system architecture security. Topics include: Bus security and integrated networks, Memory Security, Side Channel Analysis, Fault Analysis, Physical unclonable functions, Physical Isolation and the Red/Black Architecture. 

ISEC 622 – Penetration Testing (3-0-3)

Prerequisite – Computer and Network Security (ISEC 615)

This course provides the student with a good understanding of penetration Testing (also referred to as Ethical Hacking).  The course covers all aspects of the subject from ethics to social engineering and then the methodologies and tools and techniques that can be used.  The course also addresses the capture of malicious software and the reporting of the results.