University Catalog 2005-2006

University Catalog > Course Descriptions > Information Security and Assurance (ISA)

Information Security and Assurance (ISA)

School of Information Technology and Engineering

662 Information Systems Security (3:3:0) Prerequisite: INFS 601 or permission of instructor. Study of security policies, models, and mechanisms for secrecy, integrity, and availability. Topics include operating system models and mechanisms for mandatory and discretionary controls, data models, concepts and mechanisms for database security, basic cryptography and applications, security in computer networks and distributed systems, control and prevention of viruses and other rogue programs.

666 Internet Security Protocols (3:3:0) Prerequisites: INFS 612 or equivalent. Study of network and distributed systems security. Review of basic cryptography and threats and vulnerabilities in distributed systems. Security services: confidentiality, authentication, integrity, access control, nonrepudiation; and their integration in network protocols. Key management, cryptographic protocols and their analysis. Access control, delegation and revocation in distributed systems. Security architectures, multilevel systems, security management and monitoring.

697 Topics in Information Security (3:3:0) Prerequisites: permission of instructor. Special topics in information security and assurance not occurring in the regular ISA sequence are presented. May be repeated for credit when distinct offerings of the course differ in subject.

765 Database and Distributed Systems Security (3:3:0) Prerequisite: INFS 614 and ISA 662 or permission of instructor. Science and study of methods of protecting data: Discretionary and mandatory access controls, secure database design, data integrity, secure architectures, secure transaction processing, information flow controls, inference controls, and auditing. Security models for relational and object-oriented databases. Security of databases in a distributed environment. Statistical database security. Survey of commercial systems and research prototypes.

767 Secure Electronic Commerce (3:3:0) Prerequisites: ISA 662 and 666, or permission of instructor. Cryptography review, cryptographic protocols, secure electronic transactions, public key certificates and infrastructures, authentication and authorization certificates, secure credential services and role-based authorization, mobile code security, security of agent-based systems, electronic payment systems, intellectual property protection, secure time stamping and notarization.

774 Intrusion Detection (3:3:0) Prerequisites: ISA 662 and 666, or permission of instructor. The study of methodologies, techniques and tools for the monitoring of events in a computer system or a network, with the objective of preventing and detecting unwanted process activity and of recovering from malicious behavior. Topics include: types of threats, host-based and network-based information sources, vulnerability analysis, denial of service, deploying and managing intrusion detection systems, passive vs. active responses, designing recovery solutions.

780 Theoretical Foundations of System Security (3:3:0) Prerequisites: ISA 662 and 666, or permission of instructor. Discussion of the formal theories supporting information security. The required background in logic and formal calculi, formal languages, automata, computability and complexity is provided. Topics include: decidability and complexity results for access control and safety models, delegation and release control models, formal analysis of security protocols, language-based security, models of information flow and verification of security properties.

796 Directed Readings in Information Security (3:3:0) Prerequisites: graduate standing in information security and assurance with at least 12 prior credits in MS. Research and analysis of a contemporary problem in information security. Prior approval is required by a faculty sponsor who supervises the studentÕs work. A written report is also required. A maximum of 6 credits may be earned. To register, students must complete independent study form, available in the department office. It must be initialed by faculty sponsor and approved by department chair.

797 Advanced Topics in Information Security (3:3:0) Prerequisites: permission of Instructor. Special advanced topics not occurring in the regular ISA sequence. May be repeated for credit when distinct offerings of the course differ in subject.

798 Research Project (3:3:0) Prerequisites: 18 credits applicable toward MS. Research project chosen under the guidance of a full-time graduate faculty member, resulting in a written technical report. Prior approval required by a faculty sponsor who supervises the studentÕs work. To register, students must complete independent study form, available in the department office. It must be initialed by faculty sponsor and approved by department chair.

799 Thesis (6:3:0) Prerequisites: 18 credits applicable toward MS or permission of instructor. Original or expository work chosen and completed under the supervision of a graduate faculty member, which results in a technical report accepted by a three-member faculty committee. The report must be defended in an oral presentation. To register, students must complete independent study form, available in the department office. It must be initialed by faculty sponsor and approved by department chair.