MS Information Systems Course Descriptions

Techniques and technologies of information and data security. Managerial aspects of computer security and risk management. Security services. Legal and ethical issues. Security processes, best practices, accreditation, and procurement. Security policy and plan development and enforcement. Contingency, continuity, and disaster recovery planning. Preparation for design and administration of a complete, consistent, correct, and adequate security program. Can be taken in place of MSIS 2625. (2 units)

Procedures for identification, preservation, and extraction of electronic evidence. Auditing and investigation of network and host system intrusions, analysis and documentation of information gathered, and preparation of expert testimonial evidence. Forensic tools and resources for system administrators and information system security officers. Ethics, law, policy, and standards concerning digital evidence.Prerequisite: COEN 20 or equivalent. Co-requisite: COEN 252L. (4 units)

Software engineering for secure systems. Security models and implementations. Formal methods for specifying and analyzing security policies and system requirements. Development of secure systems, including design, implementation, and other life-cycle activities. Verification of security properties. Resource access control, information flow control, and techniques for analyzing simple protocols. Evaluation criteria, including the Orange and Red books and the Common Criteria, technical security evaluation steps, management, and the certification process. Prerequisites: AMTH 387 (Cryptology) and COEN 250 (Information Security Management). (2 units)