The Department of Computer Science's MS degree in Information Security and Assurance prepares graduates to fill the current and future need for information security and assurance professionals. Graduates work in a wide variety of capacities, protecting the information systems of different types of organizations and supporting the nation's information infrastructure. The Master of Science in Information Security and Assurance provides students with the general and technical knowledge and skills to understand the relationship between information security and advancing information systems technology. The program gives graduates a theoretical understanding of the science and methodologies for ensuring the secrecy and integrity of data, as well as the availability and legitimate use of data and information systems.
Students focus on the technical and management aspects of information security and examine ways to provide secure information processing systems by investigating operating systems security, distributed secure system architectures, database security, software applications security, security policies, secure e-commerce, network and distributed systems security, cryptography, and security protocols. Graduates of the program are actively recruited by federal, state, and local governments, as well as the private sector. Typical employers include Internet-based companies, software companies, banks and insurance companies, and in general any organization that depends heavily on the use of IT. All classes are scheduled in the late afternoon and early evening to accommodate employed students.
Admissions
Application Requirements
In addition to general admission requirements of the university, applicants must have earned a GPA of 3.00 or better in the last 60 credits of their baccalaureate degree. Other requirements are as follows:
- A one-page statement of educational and career goals
- Current resume
- Internationally-educated students must submit their English Proficiency scores
Policies
Foundation Requirements
To succeed in graduate courses, students entering the MS program must have coursework or equivalent knowledge in the following five foundation areas: (1) introductory programming in any programming language; (2) knowledge of an object-oriented programming language such as Java, C++, or C#; (3) data structures and algorithms; (4) machine organization such as those given in computer system architecture or assembly language courses; (5) and topics in discrete mathematics, including sets, propositional and predicate logic, relations, functions, trees, graphs, and inductive proofs.
The level of knowledge required in these areas is equivalent to that taught in undergraduate courses and may be demonstrated in one of several ways:
- Applicable undergraduate coursework: Such courses must appear on transcripts from the student’s undergraduate university, or another accredited university. Applicable courses from George Mason University and Northern Virginia Community College (NVCC) are given here:
- Foundation: Introductory programming
- GMU CS: CS 112 Introduction to Computer Programming (Mason Core)
- GMU IT: IT 106 Introduction to IT Problem Solving Using Computer Programming
- NVCC: CSC 201
- Foundation: OO programming
- Foundation: Data structures
- Foundation: Machine organization
- Foundation: Discrete math
- GMU Math: MATH 125 Discrete Mathematics I (Mason Core)
- NVCC: MATH 288
- Foundation: Introductory programming
- Preparatory coursework taken at GMU: The CS department offers the following bridge foundation courses: (1-2) SWE 510 Object-Oriented Programming in Java or COMP 501 Computer Programming Foundations I, (3) INFS 519 Program Design and Data Structures or COMP 511 Computer Programming Foundations II, (4) INFS 515 Computer Organization Course and Operating Systems or COMP 503 Computer Systems Foundations I, and (5) INFS 501 Discrete and Logical Structures for Information Systems or COMP 502 Mathematical Foundations of Computing I. These courses may be taken by students in provisional status, non-degree status, or while in another graduate program at Mason.
- Passing appropriate testout exams: Students can self-prepare and attempt testout exams for each of the four foundation requirements (OO programming, data structures, machine organization, and discrete math). The exams are given before classes begin in January and August, and can only be taken once. Registration is not required; students need only be present at the date, time, and location specified and bring some form of photographic identification. Detailed information is available on the department web site. Students who do not pass an exam must take an equivalent course before enrolling in the core curriculum courses.
Eligible domestic students who lack one or more foundations may be admitted provisionally and required to take the appropriate preparatory course or pass the testout exam. Other students may be advised to learn the foundation material and re-apply.
Advising
The department holds orientation meetings at the beginning of each semester to advise incoming and continuing students. Members of the faculty are present to answer questions and offer advice concerning programs of study. Detailed information is available on the department web site.
The department also provides advising services to students. Initial and procedural inquiries can be submitted to csgrad@gmu.edu. Each student is assigned a faculty advisor with whom to confer on matters related to degree requirements. A plan of study form for the MS degree should be completed and submitted by the student soon after admission to the program. This serves as a planning guide for the student.
Degree Requirements
Total credits: 30
Completion of the degree program requires a minimum of 30 approved graduate credits (10 courses). Students must choose a concentration.
Required Core Courses
These courses provide the necessary background and fundamentals of information systems security and assurance.
| Code | Title | Credits |
|---|---|---|
| ISA 562 | Information Security Theory and Practice | 3 |
| ISA 656 | Network Security | 3 |
| One of the following: | 3 | |
| Principles and Practices of Communication Networks | ||
| Computer Communications and Networking 1 | ||
| Total Credits | 9 | |
| 1 | Required for students who select the Network and System Security concentration. |
Concentration in Applied Cyber Security (ACBS)
Students must take any five courses from the list below. At least three of the five courses must be designated ISA, CS, or SWE.
| Code | Title | Credits |
|---|---|---|
| Select five courses from the following: | 15 | |
| Biometrics and Identity Management | ||
| Security Policy | ||
| Security Audit and Compliance Testing | ||
| Secure Software Design and Programming | ||
or SWE 681 | Secure Software Design and Programming | |
| Security Protocol Analysis | ||
| Research in Digital Forensics | ||
| Operations of Intrusion Detection for Forensics | ||
| Malware Reverse Engineering | ||
| Advanced Topics in Digital Forensics | ||
| Applied Cryptography | ||
| Advanced Applied Cryptography | ||
| Total Credits | 15 | |
Concentration in Network and System Security (NSS)
| Code | Title | Credits |
|---|---|---|
| ISA 564 | Security Laboratory | 3 |
| Select four courses from the following: | 12 | |
| Mathematical Foundations of Computer Science | ||
| Computer Systems and Fundamentals of Systems Programming | ||
| Operating Systems 1 | ||
| Topics in Resilient and Secure Computer Systems | ||
| Operating Systems Security | ||
| Intrusion Detection | ||
| Secure Software Design and Programming | ||
or SWE 681 | Secure Software Design and Programming | |
| Security Protocol Analysis | ||
| Security Experimentation | ||
| Applied Cryptography | ||
| Advanced Applied Cryptography | ||
| Total Credits | 15 | |
| 1 | Students who elect to take CS 571 Operating Systems but who have not taken CS 367 Computer Systems and Programming or its equivalent are advised to take CS 531 Computer Systems and Fundamentals of Systems Programming first. |
Additional Courses
| Code | Title | Credits |
|---|---|---|
| All students select two remaining courses from any combination of the following: 1 | 6 | |
Courses from the pre-approved electives list (follows) | ||
| MS Thesis (must take 6 credits) | ||
| Total Credits | 6 | |
| 1 | Students may choose other graduate electives with the consent of their faculty advisor and the graduate coordinator. |
Pre-Approved Electives by Program
Information Systems (INFS)
| Code | Title | Credits |
|---|---|---|
| INFS 623 | Web Search Engines and Recommender Systems | 3 |
| INFS 740 | Database Programming for the World Wide Web | 3 |
| INFS 760 | Advanced Database Management | 3 |
| INFS 772 | Intelligent Agents and the Semantic Web | 3 |
| INFS 774 | Enterprise Architecture | 3 |
Software Engineering (SWE)
| Code | Title | Credits |
|---|---|---|
| SWE 619 | Object-Oriented Software Specification and Construction | 3 |
| SWE 620 | Software Requirements Analysis and Specification | 3 |
| SWE 621 | Software Design and Architecture | 3 |
| SWE 622 | Distributed Software Engineering | 3 |
| SWE 632 | User Interface Design and Development | 3 |
| SWE 637 | Software Testing | 3 |
| SWE 642 | Software Engineering for the World Wide Web | 3 |
| SWE 645 | Component-Based Software Development | 3 |
| SWE 681 | Secure Software Design and Programming | 3 |
| SWE 721 | Reusable Software Architectures | 3 |
Digital Forensics (DFRS)
| Code | Title | Credits |
|---|---|---|
| DFOR 761 | Malware Reverse Engineering | 3 |
| DFOR 780 | Advanced Topics in Digital Forensics | 3 |
Electrical and Computer Engineering (ECE)
| Code | Title | Credits |
|---|---|---|
| ECE 646 | Applied Cryptography | 3 |
| ECE 746 | Advanced Applied Cryptography | 3 |