Photos of university / #uniofsurrey
Advertisement
This MSc will equip you to become a security expert of the future, broadening your awareness and expert knowledge with in-depth, practice-oriented technical skills in cyber and information security.
Why Surrey?
Surreys Information Security MSc benefits from the internationally visible, high-quality research activities and multiple links with academia and industry provided by the Surrey Centre for Cyber Security, which is managed by the Department of Computing.
The Information Security MSc programme is taught by experts in the field and equips students with solid theoretical background and hands-on experience in various important areas of Information Security.
Programme overview
The electronic collection, transmission, processing, storage and retrieval of digital information are present in all spheres of our modern computerised society. Most existing commercial and private services can no longer be imagined without the underlying infrastructure and technology for handling the digital information. As such, protection of digital information from unauthorised access and use (as well as resilience of the underlying network infrastructure and systems to various sorts of attacks and their proactive protection against the prevalent cyber threat) has become one of the main challenges of the technological development of our society.
The science behind Surreys Information Security MSc connects various disciplines (from computer science, electronic engineering and mathematics) and aims to design concepts, mechanisms and technologies for effective protection of digital information, communication infrastructures and computing systems.
The new MSc in Information Security programme at the University of Surrey is focused on key information security concepts, mechanisms and technologies. It covers fundamental and advanced topics in important areas of modern information security, aiming to achieve a balance between theoretical foundations and practical experience.
The range of topics addressed within the six compulsory modules of the programme spans:
* Cryptographic algorithms and protocols
* Security protocols for key management
* Protection of communication networks at different levels of the internet protocol stack
* Mechanisms for multimedia data protection (including watermarking and steganography)
* Concepts and technologies for digital forensics
* Design concepts for building secure and trustworthy systems
* Privacy-enhancing technologies to protect user privacy and anonymity
* Concepts of human-centered and usable security
* Security-oriented applications, such as trustworthy e-voting
In addition, students will need to select two modules from the range of offered optional modules, which cover further security-related topics or more general topics from computer science. In their final dissertation projects, students will be able to individually apply their knowledge of learned concepts and techniques, or conduct original research work on the design and development of innovative security mechanisms and applications.
Module overview
Compulsory modules
IT Security I - Information and Network Security
This module covers basic concepts of information security, and introduces a range of important security protocols that are currently used in practice to protect digital communications and network infrastructures. The module starts with the definition of general information security goals and gives an overview of network protocols and attacks. It then details important network security protocols such as Kerberos, Internet Key Exchange (IKE) and IPsec, and introduces the concept of Public Key Infrastructures (PKI) and X.509 certificates.
IT Security II - Security Protocols and Formal Analysis
This module covers more advanced network security protocols such as Transport Layer Security (TLS) and introduces a range of security tools and libraries that can be used for a general security analysis of networking infrastructures. Students will further be taught to conduct security analysis of network protocols in a formal way. This includes formal specification of security goals and automated analysis of security using appropriate tools. The underlying theory of formal methods will be introduced on the fly.
Cryptography I - Symmetric Cryptography
This module introduces basic cryptographic concepts and algorithms in the area of private-key (or symmetric) cryptography. Following a short overview of historical ciphers, this module will introduce concepts of perfect secrecy (e.g. one-time pad), one-way functions, pseudo randomness, block ciphers (e.g. 3DES, AES), collision-resistant hash functions (e.g. SHA) and message authentication codes (e.g. HMAC). Formal security definitions of these primitives will be introduced alongside with their general constructions and practical realisations.
Cryptography II - Asymmetric Cryptography
This module introduces basic cryptographic concepts, algorithms, and protocols in the area of public-key (or asymmetric') cryptography. Following an introduction of required mathematical concepts from number theory (e.g. modular arithmetic, integer factorization) and discrete mathematics (e.g. cyclic groups, discrete logarithms) this module will cover cryptographic algorithms for public-key encryption and digital signatures (e.g. ElGamal, RSA), cryptographic protocols for the establishment of secret keys (e.g. Diffie-Hellman) as well as a selection of advanced cryptographic protocols (e.g. threshold cryptography, identification protocols, zero-knowledge proofs). Formal security definitions of these algorithms will be introduced alongside their constructions and practical realisations.
Multimedia Security and Digital Forensics
This module focuses on digital protection and forensic analysis of multimedia content and information hiding using signal processing techniques. Following an introduction of required fundamental multimedia processing techniques, this module will cover two main branches of information hiding: steganography and digital watermarking. The module will further explain concepts and technologies behind digital forensics for various types of data including both textual, binary and multimedia data.
Secure Systems and Applications
This module covers concepts and technologies for building secure and usable systems. The different lectures of the module focus on access control mechanisms, security mechanisms for software and operating systems (e.g. Android), threats and countermeasures for web applications, human-centered security concepts such as user authentication (e.g. passwords), social engineering attacks (e.g. phishing), usability and economics of security, protection mechanisms for user privacy and anonymity as well as selected security applications such as secure e-voting.
Optional Modules
Information Security Trends
This module contains a series of lectures and is taught in the style of a seminar. The talks are given by security professionals, from academia and industry, on modern topics of information security and its applications.
Enterprise Systems Development
This module demonstrates the latest and most popular technologies used for building enterprise applications. Example topics of study include n-tier architectures, integration approaches, build and test environments, persistence approaches and performance issues. Although the module covers theoretically most popular technologies, it also focuses on Java and J2EE implementation principles.
Databases and Knowledge Discovery
This module first develops the necessary skills and familiarity for using state-of-the-art technologies to design, implement and manage database systems, and also shows how to use a range of data mining and information retrieval tools to discover data patterns and retrieve information from databases.
Cloud Computing
This module introduces key concepts and technologies behind cloud computing that are used in a variety of academic and industrial contexts (e.g. Amazon EC2, Google App Engine, Apache Hadoop, Eucalyptus, OpenStack, Condor). The module covers cloud computing architectures, systems, supporting software applications, resource management and information services.
Project Management and Business Strategy
This module provides students with understanding and skills that are necessary to manage IT projects and operations in industry. In addition to theoretical foundations, this module teaches students how to use techniques for effective project management in various strategy-forming processes.
Dissertation project
The MSc dissertation project makes up one third of the degree programme, starting towards the end of the first semester and completing at the end of the summer. During the project, you are supervised by a member of academic staff to advise and guide you to completion. At the end of the project, you must submit your bound dissertation, which forms a complete record of the project.
The project focuses in depth on a subject at the leading edge of computing. For example, projects can undertake the development of a software system to solve a particular problem, possibly in collaboration with an industrial partner.
Alternatively, projects can be research-based, in which case an aspect of computing is investigated, perhaps to evaluate particular techniques or propose a new algorithm. These projects are usually closely linked to the Departments research strengths.
Whatever the topic, you are expected to develop a critical understanding of the methods and technologies needed, then implement and evaluate your chosen solution to a professional standard. Project planning and time management is an important part of the experience.
Teaching and assessment
Taught Masters programmes in the Department of Computing utilise our research-active staff in conjunction with state-of-the-art facilities. We provide a range of learning experiences, including lectures, tutorials, directed study, practical laboratories and project work, which prepare graduates for their professional life.
We are particularly keen to develop, in all our students, a broad range of generic skills to complement the core technical or scientific competencies of their chosen subject area. Our modular programme format, coupled with the increasing use of innovative teaching and learning strategies such as e-learning and industrially focused short courses, provides a flexible study environment whilst maintaining academic rigour and quality.
Scholarships
Surrey and Santander Scholarships
The University of Surrey are pleased to offer three scholarship schemes aimed at further enhancing our cultural diversity:
* Surrey Country Scholarships
* Santander Country Scholarships
* Santander University Scholarships
Tullow Oil Scholarship Scheme
The University of Surrey is delighted to announce it has recently been selected to participate in the Tullow Oil Scholarship Scheme.
Indonesia-UK DIKTI Scholarship Scheme
Open to lecturers and administrative staff at Indonesian universities.
Discounts for Surrey graduates
Thinking of continuing your education at Surrey? As an alumni of Surrey you could be eligible for a 10% discount on our Taught Masters programme fees.
Accreditation
Professional recognition
The accreditation process of the Information Security MSc programme by the British Computer Society (BCS) has been initiated. It will enable programme graduates to reach Chartered IT Professional (CITP) status.
Currency
EUR
GBP
KZT
INR
RUB