Master in Information Security - MIS
Innledning
Information technology permeates all aspects of society and has become critical to industry, government, and individual well-being. Securing the vital services and structures and ensuring availability of trustworthy information whenever and wherever it is required has become a field of intensive interdisciplinary research in the recent years. At the same time, information security has become an area of extensive commercial activity with thousands of companies developing and marketing various data protection products. The Master of science in information security provides the students with knowledge and theoretical background, as well as with the skills and attitudes necessary to succeed in this challenging yet eminently rewarding field.
The goals of the study program are achieved through the research-based courses that reflect the research results of the teaching staff to a large extent. The courses undergo revisions every year in order to keep up with the most recent scientific results in the field of information security. This provides the students with thorough knowledge about modern information security technologies, which makes this master program one of the best study programs in the field.
The study program is closely related to the research community Norwegian Information Security Laboratory (NISlab), which also offers bachelor and PhD studies in information security. This research environment consists of professors that are active in research and internationally recognized as experts in their respective fields. NISlab is a member of Forum for Research and Innovation in Security and Communication (FRISC), a Norwegian network of institutions dedicated to cutting-edge research in information security. NISlab also has strong international relations and its collaboration network includes more than 20 research institutions from more than 10 countries worldwide.
Studiets varighet, omfang og nivå
This is a two-year master program (120 ECTS credits), which is also available part-time over three or four years. The degree awarded upon completion is “Master in Information Security”.
The program has three tracks: Technology , Digital forensics , and Management . After the first semester, which is common to all the tracks (see the course structure below), the students have to choose which track they are going to pursue.
The program qualifies the students to proceed to Ph.D. studies.
Forventet læringsutbytte
Knowledge
- The candidate possesses advanced knowledge in the field of information security in general and the following particular topics: computer and network security, security management, incident response, security of critical information infrastructure and legal aspects of information security. The candidate possesses special insight and expertise in information security technology, digital forensics or security management, depending on the chosen program track.
- The candidate possesses thorough knowledge of academic theory and methods in the field of information security.
- The candidate is capable of applying knowledge in new areas within the field of information security.
- The candidate is familiar with current state-of-the-art in the field of information security.
- The candidate possesses thorough knowledge of scientific methodology, needed to plan and carry out research and development projects in the field of information security.
Skills
- The candidate is capable of analyzing existing theories, methods and interpretations of theories within the field of information security as well as solving theoretical and practical problems independently.
- The candidate is capable of using independently relevant methods in research and development in the field of information security. These methods include literature study, logical reasoning and performing scientific experiments together with interpreting their results.
- The candidate is capable of performing critical analysis of different information sources and applying the results of that analysis in academic reasoning and structuring and formulating scientific problems.
- The candidate is capable of completing an independent research and development project of moderate size under supervision (example: the master thesis), adhering to the current code of ethics in scientific research.
- The candidate is capable of carrying out a plan of a research project under supervision.
General competence
- The candidate is capable of analyzing academic, professional and research problems.
- The candidate is capable of using knowledge and skills to carry out advanced tasks and projects.
- The candidate is capable of imparting comprehensive independent work in the field of information security. The candidate also mastered the terminology in the field of information security.
- The candidate is capable of communicating academic issues, analysis and conclusions both with experts in the field of information security and with the general audience.
- The candidate is capable of contributing to innovation and innovation processes.
Internasjonalisering
The students are allowed to travel abroad to do their master theses. The information security group has strong links to many of the leading international academic groups within the field, and the students are encouraged to contact their instructors in the course «Research project planning» to ask for relevant travel opportunities.
Målgruppe
There are three focus groups for this study program:
- Undergraduate students entering the program as a continuation of their bachelor degree without any prior work experience.
- Industry students (or students in the private/public sector in general) looking for a full-time or part-time master program, which is flexible and can be adapted to their employers' needs and their own individual needs.
- International students: exchange students (arriving for a single semester only), full-time students, and part-time students.
Opptakskrav og rangering
To qualify for admission, an applicant must have a bachelor degree in computer science or a related field. The applicant must document that he/she has at least 9 ECTS credits in mathematics/statistics and at least 60 ECTS credits in computer science subjects (for example, computer programming, theory of algorithms, databases, computer networking, etc.) at the bachelor level. A grade point average (GPA) of at least C on the bachelor studies is required.
Graduate studies in information security require a somewhat different mathematical platform than the one included in most bachelor studies. To master the theoretical topics included in the master program we therefore recommend that the students attend the preparatory courses in number theory and theoretical computer science offered during the first weeks of the fall semester. We also offer consultancy in certain topics in the field of mathematics, organized occasionally during the course of the studies.
Studiets innhold, oppbygging og sammensetning
The program is offered in a flexible manner to fit well to all the three target groups of students. In general, on-campus presence is required only three times per semester (1-3 days each time), for a start-up session, for mid-term exams/presentations (and a start-up session of the second part of the semester) and for final exams/presentations. Attendance is also strongly recommended for the initial first two weeks of the program when two preparatory intense short-courses in number theory and theoretical computer science are offered . All courses are available online, but there will also be sessions on a regular weekly or bi-weekly schedule. The presence on these sessions is not required.
The program has three tracks (paths of study): technology, digital forensics, and management. Students have to choose which track they pursue after the first semester, which is common for all the tracks. The common courses in the first semester cover the core topics in both information security technology, forensics and management: Cryptology 1, Applied information security, IT governance, Legal aspects of information security, Digital forensics 1, and Scientific methodology. In the rest of the study program, each track has a set of specific courses. Elective courses, taken in the 3rd semester, are freely chosen from a common pool of electives. The students have to choose their master thesis topics within their chosen tracks.
Ordinary mandatory courses from other tracks of the program and courses from the master program in media technology and the CIMET (Color in Informatics and Media Technology) master may be included as electives. Students can also use up to 20 ECTS of the courses at the 3000 level as a part of their master program. Some of the courses listed above can also be flexible regarding time, space and teaching format upon request by the students (typically, a course may be taken in a different semester through self-study and under individual or group supervision).
Master-level courses from other institutions may be included as electives or may substitute mandatory courses at the discretion of the program director.
The course structure for the part-time students may be composed individually as long the track-specific requirements mentioned above and any course inter-dependencies are respected. The most important course inter-dependencies are the following: 1. Students should start working on their master theses in the semester following the research project planning course, 2. All previous coursework has to be completed before starting work on the master thesis (an exception of 10 missing credits may be tolerated at the discretion of the director of the study program, but only if the missing credits are not relevant for the topic of the master thesis).
Study methods
- Lectures
- Exercises
- Project work
- Essay/Article writing
- Independent study
- Group exercises
- Lab exercises
In addition to the classical study methods requiring presence by the students, the Master program in information security makes extensive use of flexible distance study methods. Every course contains the whole study material in digital form available online, via a special system available to the students once enrolled in the program. Audio recordings of the lectures are available online in most subjects contained in the program and the number of subjects that use video recording of the lectures is increasing very fast as technical possibilities make this form of presentations possible. Video streaming of the lectures is also used, whenever technical possibilities allow this. Many subjects use online exams and the exams requiring physical presence are often organized in distant places across Norway, depending on the number of interested participants.
Tekniske forutsetninger
The students who choose to participate in the study program as distance students, need a broadband Internet connection. Software that is needed is mostly freely available on the Internet. In some courses, commercial products such as MatLab, are required.
As for the practical computer skills, it is expected that the students are capable of using any contemporary operating system (Microsoft Windows, GNU/Linux, MacOS, etc.) both with a graphical user interface and a command line interface.
Emnetabeller
Master of Science in Information Security 2012-2014 Technology full-time track
| Emnekode | Emnets navn | O/V *) | Studiepoeng pr. semester | |||
|---|---|---|---|---|---|---|
| S1(H) | S2(V) | S3(H) | S4(V) | |||
| IMT4421 | Scientific methodology | O | 5 | |||
| IMT4532 | Cryptology 1 | O | 5 | |||
| IMT4561 | Applied Information Security | O | 5 | |||
| IMT4571 | IT Governance | O | 5 | |||
| IMT4591 | Legal Aspects of Information Security | O | 5 | |||
| IMT4012 | Digital Forensics 1 | O | 5 | |||
| IMT4152 | Socio-technical Security Risk Modeling and Analysis 1 | O | 5 | |||
| IMT4582 | Network Security | O | 5 | |||
| IMT4541 | Foundations of Information Security | O | 5 | |||
| IMT4552 | Cryptology 2 | O | 5 | |||
| IMT4621 | Biometrics | O | 5 | |||
| IMT4122 | Software Security Trends | O | 5 | |||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| IMT4601 | Research Project Planning | O | 5 | |||
| IMT4904 | Master Thesis | O | 30 | |||
| Sum: | 30 | 30 | 30 | 30 | ||
Master of Science in Information Security 2012-2014 Digital Forensics full-time track
| Emnekode | Emnets navn | O/V *) | Studiepoeng pr. semester | |||
|---|---|---|---|---|---|---|
| S1(H) | S2(V) | S3(H) | S4(V) | |||
| IMT4421 | Scientific methodology | O | 5 | |||
| IMT4532 | Cryptology 1 | O | 5 | |||
| IMT4561 | Applied Information Security | O | 5 | |||
| IMT4571 | IT Governance | O | 5 | |||
| IMT4591 | Legal Aspects of Information Security | O | 5 | |||
| IMT4012 | Digital Forensics 1 | O | 5 | |||
| IMT4612 | Machine Learning and Pattern Recognition 1 | O | 5 | |||
| IMT4582 | Network Security | O | 5 | |||
| IMT4641 | Computational Forensics | O | 5 | |||
| IMT4022 | Digital Forensics 2 | O | 10 | |||
| IMT4122 | Software Security Trends | O | 5 | |||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| IMT4601 | Research Project Planning | O | 5 | |||
| IMT4904 | Master Thesis | O | 30 | |||
| Sum: | 30 | 30 | 30 | 30 | ||
Master of Science in Information Security 2012-2014 Management full-time track
| Emnekode | Emnets navn | O/V *) | Studiepoeng pr. semester | |||
|---|---|---|---|---|---|---|
| S1(H) | S2(V) | S3(H) | S4(V) | |||
| IMT4421 | Scientific methodology | O | 5 | |||
| IMT4532 | Cryptology 1 | O | 5 | |||
| IMT4561 | Applied Information Security | O | 5 | |||
| IMT4571 | IT Governance | O | 5 | |||
| IMT4591 | Legal Aspects of Information Security | O | 5 | |||
| IMT4012 | Digital Forensics 1 | O | 5 | |||
| IMT4152 | Socio-technical Security Risk Modeling and Analysis 1 | O | 5 | |||
| IMT4582 | Network Security | O | 5 | |||
| IMT4651 | Security as Continuous Improvement | O | 5 | |||
| IMT4661 | Security Management Dynamics | O | 5 | |||
| IMT4841 | Security Planning and Incident Management | O | 10 | |||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| Valgemne, 5 ECTS | V | 5 | ||||
| IMT4601 | Research Project Planning | O | 5 | |||
| IMT4904 | Master Thesis | O | 30 | |||
| Sum: | 30 | 30 | 30 | 30 | ||
Master of Science in Information Security 2012-2015 Technology part-time track (three years)
| Emnekode | Emnets navn | O/V *) | Studiepoeng pr. semester | |||||
|---|---|---|---|---|---|---|---|---|
| S1(H) | S2(V) | S3(H) | S4(V) | S5(H) | S6(V) | |||
| IMT4561 | Applied Information Security | O | 5 | |||||
| IMT4532 | Cryptology 1 | O | 5 | |||||
| IMT4012 | Digital Forensics 1 | O | 5 | |||||
| IMT4421 | Scientific methodology | O | 5 | |||||
| IMT4552 | Cryptology 2 | O | 5 | |||||
| IMT4582 | Network Security | O | 5 | |||||
| IMT4541 | Foundations of Information Security | O | 5 | |||||
| IMT4152 | Socio-technical Security Risk Modeling and Analysis 1 | O | 5 | |||||
| IMT4571 | IT Governance | O | 5 | |||||
| IMT4591 | Legal Aspects of Information Security | O | 5 | |||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| IMT4122 | Software Security Trends | O | 5 | |||||
| IMT4621 | Biometrics | O | 5 | |||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| IMT4601 | Research Project Planning | O | 5 | |||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| IMT4904 | Master Thesis | O | 10 | 20 | ||||
| Sum: | 20 | 20 | 20 | 20 | 20 | 20 | ||
Master of Science in Information Security 2012-2015 Digital Forensics part-time track (three years)
| Emnekode | Emnets navn | O/V *) | Studiepoeng pr. semester | |||||
|---|---|---|---|---|---|---|---|---|
| S1(H) | S2(V) | S3(H) | S4(V) | S5(H) | S6(V) | |||
| IMT4532 | Cryptology 1 | O | 5 | |||||
| IMT4561 | Applied Information Security | O | 5 | |||||
| IMT4012 | Digital Forensics 1 | O | 5 | |||||
| IMT4421 | Scientific methodology | O | 5 | |||||
| IMT4641 | Computational Forensics | O | 5 | |||||
| IMT4612 | Machine Learning and Pattern Recognition 1 | O | 5 | |||||
| IMT4582 | Network Security | O | 5 | |||||
| IMT4122 | Software Security Trends | O | 5 | |||||
| IMT4571 | IT Governance | O | 5 | |||||
| IMT4591 | Legal Aspects of Information Security | O | 5 | |||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| IMT4022 | Digital Forensics 2 | O | 10 | |||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| IMT4601 | Research Project Planning | O | 5 | |||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| IMT4904 | Master Thesis | O | 10 | 20 | ||||
| Sum: | 20 | 20 | 20 | 20 | 20 | 20 | ||
Master of Science in Information Security 2012-2015 Management part-time track (three years)
| Emnekode | Emnets navn | O/V *) | Studiepoeng pr. semester | |||||
|---|---|---|---|---|---|---|---|---|
| S1(H) | S2(V) | S3(H) | S4(V) | S5(H) | S6(V) | |||
| IMT4561 | Applied Information Security | O | 5 | |||||
| IMT4421 | Scientific methodology | O | 5 | |||||
| IMT4012 | Digital Forensics 1 | O | 5 | |||||
| IMT4532 | Cryptology 1 | O | 5 | |||||
| IMT4152 | Socio-technical Security Risk Modeling and Analysis 1 | O | 5 | |||||
| IMT4651 | Security as Continuous Improvement | O | 5 | |||||
| IMT4582 | Network Security | O | 5 | |||||
| IMT4661 | Security Management Dynamics | O | 5 | |||||
| IMT4571 | IT Governance | O | 5 | |||||
| IMT4591 | Legal Aspects of Information Security | O | 5 | |||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| IMT4841 | Security Planning and Incident Management | O | 10 | |||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| IMT4601 | Research Project Planning | O | 5 | |||||
| Valgemne, 5 ECTS | V | 5 | ||||||
| IMT4904 | Master Thesis | O | 10 | 20 | ||||
| Sum: | 20 | 20 | 20 | 20 | 20 | 20 | ||
Electives
| Emnekode | Emnets navn | O/V *) | Studiepoeng pr. semester | |
|---|---|---|---|---|
| S1(H) | S2(V) | |||
| IMT3491 | Ethical Hacking and Penetration Testing | V | 5 | |
| IMT3511 | Discrete Mathematics | V | 10 | 10 |
| IMT3551 | Digital Forensics | V | 5 | |
| IMT3761 | Informasjonskrigføring | V | 5 | |
| IMT4132 | IT Rhetorics for Security Risk Managmement | V | 5 | |
| IMT4142 | Information Security Economics 1 | V | 5 | |
| IMT4632 | Machine Learning and Pattern Recognition 2 | V | 5 | |
| IMT4671 | Organizational and Human Aspects of Information Security | V | 5 | |
| IMT4722 | Behavioural Biometrics | V | 5 | |
| IMT4741 | Intrusion detection and prevention | V | 5 | |
| IMT4751 | Wireless communication security | V | 5 | |
| IMT4762 | Risk Management 1 | V | 5 | |
| IMT4772 | Risk Management 2 | V | 5 | |
| IMT4881 | Specialization Course 1 | V | 5 | 5 |
| IMT4882 | Specialization Course 2 | V | 10 | 10 |
| Sum: | 0 | 0 | ||