University of Tehran
Kish International Campus
Master Program in
Information Technology- Information Security
Introduction
The Master of Information Technology – Information Security program at
Kish campus of University of Tehran is a graduate professional program
that prepares students to work in the high-demand IT security industry
To achieve the objectives of the program and to enhance students'
learning experience, Kish campus provides an Information Security Lab
to enhance the curriculum of the program. This lab facility hosts an
array of network settings and consists of a variety of network in a
secure setting.
The curriculum also provides students with the opportunity to apply
core course concepts to a substantial project in the workplace. This
plan of study introduces students to the fundamental knowledge of the
ever-changing IT security field.
Master Degree Curriculum in Information Technology- Information
Security
Part A: Core Courses
|
Row
|
Course Name
|
Units
|
Hours
|
Practical (Hours)
|
|
1
|
Fundamentals of Information Systems Security
|
3
|
48
|
|
|
2
|
Applied Cryptography
|
3
|
48
|
|
|
3
|
Network Security
|
3
|
48
|
|
|
4
|
Secure Computer Systems
|
3
|
48
|
|
|
5
|
Database Security
|
3
|
48
|
|
|
6
|
Security Protocols
|
3
|
48
|
|
|
7
|
Seminar
|
2
|
32
|
|
|
|
|
|
|
|
|
Total
|
20
|
|
|
Part B: Elective Courses (2 Courses must be elected)
|
Row
|
Course Name
|
Units
|
Hours
|
Practical (Hours)
|
|
1
|
Security Architecture, Design and Analysis
|
3
|
48
|
|
|
2
|
Advanced Topics in Information Security
|
3
|
48
|
|
|
3
|
E-Commerce Security
|
3
|
48
|
|
|
4
|
Secure Communication Systems
|
3
|
48
|
|
|
5
|
Secure System Management
|
3
|
48
|
|
|
6
|
Formal Models and Information Security
|
3
|
48
|
|
|
7
|
Information Hiding
|
3
|
48
|
|
|
Total
|
6
|
|
|
Part C: Thesis
|
Row
|
Course Name
|
Units
|
Hours
|
Lab(Hours)
|
|
1
|
Thesis
|
6
|
|
|
|
Total
|
6
|
|
|
Fundamentals of Information Systems Security
Course content:
The Need for Information Security
, Information Systems Security, The Internet of Things Is Changing
How We Live, Malicious Attacks, Threats, and Vulnerabilities, The
Drivers of the Information Security Business, Access Controls,
Security Operations and Administration, Auditing, Testing, and
Monitoring, Risk, Response, and Recovery, Cryptography, Networks
and Telecommunications, Malicious Code and Activity, Information
Security Standards, Information Systems Security Education and
Training, U.S. Compliance Laws
References
|
[1]
|
D. Kim and M. G. Solomon, Fundamentals of Information
Systems Security, Jones & Bartlett Learning, 2016.
|
Applied Cryptography
Course content:
Foundations, Protocol building blocks, Basic protocols, Intermediate
protocols, Advanced protocols, Esoteric protocols, Key length, Key
management, Algorithm types and modes, Using algorithms, Mathematical
background, Data encryption standard, Other block ciphers, Stil other
block ciphers, Combinig block ciphers, Pseudo-random-sequence
generators and stream ciphers, Other stream ciphers and real
random-sequence generators, One-way hash functions, Public-key
algorithms, Public-key digital signature algorithms,
Identification schemes, Key-exchage algorithms, Special algorithms for
protocols, Politics
References
|
[1]
|
B. Schneier, applied cryogrhy :protocols, algorithms,
and source code in c, wiley, 2017.
|
Network Security
Course content:
Computer Network Fundamentals, Computer Network Security Fundamentals,
Security Threats and Threat Motives to Computer Networks, Introduction
to Computer Network Vulnerabilities, Cyber Crimes and Hackers,
Scripting and Security in Computer Networks and Web Browsers, Security
Assessment, Analysis, and Assurance, Disaster Management, Access
Control and Authorization, Authentication, Cryptography, Firewalls,
System Intrusion Detection and Prevention, Computer and Network
Forensics, Virus and Content Filtering, Standardization and Security
Criteria: Security Evaluation of Computer Products, Computer Network
Security Protocols, Security in Wireless Networks and Devices, Security
in Sensor Networks, Virtualization Technology and Security, Cloud
Computing Technology and Security, Mobile Systems and Corresponding
Intractable Security Issues, Internet of Things (IoT): Growth,
Challenges, and Security
References
|
[1]
|
J. M. Kizza, Guide to Computer Network Security,
Springer, 2017.
|
Secure Computer Systems
Course content:
Introduction to Computer Architecture and Security,
Digital Logic Design, Computer Memory and Storage , Bus and Interconnection, I/O and
Network Interface, Central Processing Unit , Advanced Computer Architecture,
Assembly Language and Operating Systems, TCP/IP and
Internet, Design and Implementation: Modifying Neumann
Architecture
References
|
[1]
|
S. . Wang and R. S. Ledley, computer architecture and
security, Wiley, 2013.
|
Database Security
Course content:
Recent Advances in Access Control, Access Control Models for XML,
Access Control Policy Languages in XML, Database Issues in Trust
Management and Trust Negotiation, Authenticated Index Structures for
Outsourced Databases, Towards Secure Data Outsourcing, Managing and
Querying Encrypted Data, Security in Data Warehouses and OLAP Systems,
Security for Workflow Systems, Secure Semantic Web Services, Geospatial
Database Security, Security Re-engineering for Databases: Concepts and
Techniques, Database Watermarking for Copyright Protection, Database
Watermarking: A Systematic View, Trustworthy Records Retention, Damage
Quarantine and Recovery in Data Processing Systems, Hippocratic
Databases: Current Capabilities and Future Trends, Privacy-Preserving
Data Mining: A Survey, Privacy in Database Publishing: A Bayesian
Perspective, Privacy Preserving Publication: Anonymization Frameworks
and Principles, Privacy Protection through Anonymity in Location-based
Services, Privacy-enhanced Location-based Access Control, Efficiently
Enforcing the Security and Privacy Policies in a Mobile Environment
References
|
[1]
|
M. Gertz and S. Jajodia, Handbook of Database Security:
Applications and Trends, Springer, 2008.
|
Security Protocols
Course content:
Preliminaries, Operational Semantics, Security Properties, Verification , Multi-protocol Attacks,
Generalizing NSL for Multi-party Authentication,
Historical Background and Further Reading
References
|
[1]
|
C. Cremers and S. Mauw, Operational Semantics and
Verification of Security Protocols, Springer, 2012.
|
Security Architecture, Design and Analysis
Course content:
Network security foundations, Designing secure networks, Secure network
designs
References
|
[1]
|
S. Convery, Network Security Architectures, Cisco
Press, 2004.
|
Advanced Topics in Information Security
Course Contents:
Critically evaluate some of the important past and current research
that has been undertaken within the information systems discipline;
Demonstrate an appreciation of the diversity of research currently
being undertaken within the information systems discipline;
Identify research articles in the information systems discipline that
they might wish to use in their theses or research report;
Distinguish among research approaches in the information systems
discipline and identify approaches that might be useful in subsequent
work.
· A Bit of Theory
· Coordination in Standards Setting
· The Issue of Speed
· IPR Problems
· The Economic Perspective
· After Standardization
References
|
[1]
|
K. Jakobs, Advanced Topics in Information Technology
Standards and Standardization Research Series, Idea
Group , 2006.
|
E-Commerce Security
Course content:
Security Testing of an Online Banking Service, Software Security
Analysis, New Security Issues in Mobile E-Commerce, Problems in
Policing E-Commerce Crime, Strategies for Developing Policies and
Requirements for Secure and Private Electronic Commerce, Protocols for
Secure Remote Database Access with Approximate 87
Matching, A New Approach to Reasoning about Accountability in
Cryptographic Protocols for E-Commerce, Provisional Authorizations
References
|
[1]
|
A. K. Ghosh, e-commerce security and privacy, Kluwer
Academic Publishers, 2001.
|
Secure Communication Systems
Course content:
Threats and Solutions, An Introduction to Encryption and Security
Management, Voice Security in Military Applications, Telephone
Security, Secure GSM systems, Security in Private VHF/UHF Radio
Networks, Electronic Protection Measures - Frequency Hopping, Link and
Bulk Encryption, Secure Fax Network, PC Security, Secure Email, Secure
Virtual Private Networks, Military Data Communication, Management,
Support and Training
References
|
[1]
|
R. Sutton, Secure Communication: Applications and
Management, wiley, 2002.
|
Secure System Management
Course content:
Challenges in Managing Information Security in the New Millennium
,
Information Systems Security and the Need for Policy
,
New Millennium; New Technology; Same Old Right and Wrong
,
Ethical Elements of Security and Developments in Cyberspace that
Should Promote Trust in Electronic Commerce
,
Cyber Terrorism and the Contemporary Corporation
,
Addressing Prescription Fraud in the British National Health
Service: Technological and Social Considerations
,
The Irish Experience with Disaster Recovery Planning: High Levels
of Awareness May Not Suffice
,
An Analysis of the Recent IS Security Development Approaches:
Descriptive and Prescriptive Implications
,
Internet and E-Business Security
,
Assurance and Compliance Monitoring Support
,
Intelligent Software Agents: Security Issues of a New Technology
,
Principles for Managing Information Security in the New Millennium
References
|
[1]
|
G. Dhillon, Information Security Management: Global
Challenges in the New Millennium, Idea Group, 2001.
|
Formal Models and Information Security
Course content:
Running example, Messages and deduction, Equational theory and static
equivalence, A cryptographic process calculus, Security properties,
Automated verification: bounded case, Automated verification: unbounded
case, Further readings and conclusion
References
|
[1]
|
V. Cortier, Formal Models and Techniques for Analyzing
Security Protocols, V. Cortier and S. Kremer, 2014.
|
Information Hiding
Course content:
Introduction to Information Hiding, Multimedia Steganography, Steganalysis,
Network Steganography, Robust Watermarking, Watermarking Security,
Fingerprinting, Fragile and Authentication Watermarks, Media Forensics,
Watermarking in the Encrypted Domain
References
|
[1]
|
S. Katzenbeisser and F. Petitcolas, Information Hiding,
ARTECH HOUSE, 2016.
|
