M.S. in Information Assurance

Prepare to Combat Information Security Threats Train for a Career That’s in Demand!

Northeastern University’s interdisciplinary Master of Science in Information Assurance program provides the broad knowledge you need to make strategic decisions about information security issues, including identity theft, computer viruses, and electronic fraud. 

  • Focus on information technology as well as relevant knowledge from the social sciences, law, criminology, and management.
  • Learn from highly qualified faculty how to assess and manage information security risks, and how to present your recommendations to management.
  • Customize your program with courses that meet your professional needs.
  • Study full-time or part-time, on campus or online, in a program ideal for working professionals.
  • Complete your degree requirements in as few as four semesters.

With cyber attacks accelerating, there is a shortage of trained information assurance professionals and a tremendous need for their skills.

View the requirements for admission to the Master of Science in Information Assurance program that prepares you for these career opportunities.

Program

In Northeastern’s Master of Science in Information Assurance program, students take courses tailored to their backgrounds. Students with social science and other backgrounds strengthen their technical skills, and those with prior technical experience add to their understanding of the context in which they will apply technology. All students learn about the key issues in information security and how technology can help resolve them.

Electives let students customize their program to meet their organization’s needs and their own professional goals.

The required capstone project enables students to tackle an information security issue important to their organizations, demonstrate their industry knowledge, and collaborate with others.

Requirements

The program requires completion of 32 semester hours of coursework. This includes:

  • IA 5010 Foundations of Information Assurance (4 semester–hour core course)
  • At least two 4 semester–hour courses from each of the technical and contextual tracks (a total of 16 semester hours)
  • Electives (8 semester hours)
  • Interdisciplinary Capstone Team Project (4 semester hours)
Full-time students can complete this course work in four semesters by taking two courses per semester. Degree candidates can choose to take more courses per semester, but the courses selected for credit toward the degree must remain within the program guidelines. A GPA of 3.0 is required for matriculation.


Required Courses


Technical Track (complete at least 2 courses)


Contextual Track (complete at least 2 courses)


Electives

All information assurance courses may be taken as electives. With approval from the Master of Science in Information Assurance program director, computer science, criminal justice, engineering, and business administration courses can also be accepted as electives.  Examples of elective courses are:

IA5976 Directed Study

IA5978 Independent Study

IA5984 Research

IA8982 Readings

CJ7224 Law and Psychology

CJ7252 White Collar Crime

CJ7242 Terrorism and International Crime

CS5500 Managing Software Development

CS5600 Computer Systems

CS5200 Database Management Systems

CS5700 Fundamentals of Computer Networking

CS6710 Wireless Networks

CS6540 Foundations of Formal Methods and Software Analysis

MGMT6215 Strategic Security Management


Sample Course Plan

First Semester

Second Semester

IA5010

Foundations of IA

Elective from Technical Track

8SH


Elective from Technical Track

Elective from Contextual Track

8SH 

Third Semester

Fourth Semester

Elective from Contextual Track


Free Elective

8SH

IA7900 

Capstone Project

Free Elective 

8SH

Total Semester Hours = 32



Course Descriptions

IA5010 Fundamentals of Information Assurance

In this course, students will build a common cross-disciplinary understanding of the foundations of information assurance. The course presents an overview of basic principles and security concepts related to information systems, including workstation security, system security, and communications security. The course introduces information security via database technology. It discusses the legal infrastructure, including DMCA, the Telecommunications Act, and wire fraud and other ethical issues. The course also covers security methods, controls, and procedures; the economics of cyber crime; criminal procedure; and forensics. In addition, the course describes the use of cryptography as a tool, software development processes, and protection. Students will develop an understanding of the information assurance profession and how they can apply this knowledge to support their organizations.

IA5120 Applied Cryptography

Prerequisite: IA5010 and permission of instructor

This course provides a survey of both the principles and the practice of cryptography. Among the topics covered are symmetric encryption schemes, including DES and AES; public key cryptosystems such as RSA; Discrete Logarithm; hash functions, authentication, and digital signatures; key management; and digital certificates. Also discussed are network security protocols and applications, including Kerberos and SSL.

IA5130 Computer Systems Security

Prerequisite: IA5010 and permission of instructor

Study issues involved in the security of computer systems. Topics include security models, authentication issues, access control, intrusion detection, and damage control. The course incorporates case studies and laboratory exercises.

IA5140 Network Security Practices

Prerequisite: IA5010 and permission of instructor

Study issues involved in the security of computer networks. Topics include firewalls, viruses, virtual private networks, Internet security, and wireless security. The course incorporates case studies and laboratory exercises.

IA5200 Risk Management for Information Assurance

This course provides the principles and methodologies involved in identifying and addressing information risk management issues in organizations. Students are trained in information security risk assessment and the creation of security plans. They are also trained to create policies and procedures to manage risks related to identity and access management, network, database and application monitoring, and infrastructure vulnerabilities. The course provides the necessary knowledge and understanding of the requirements for compliance with U.S. and International laws, federal systems guidelines, standards, directives, and industry best practices. It combines classroom lectures with practical projects and presentations.

IA5210 Information System Forensics

Designed to allow students to explore the techniques used in computer forensic examinations, this course examines computer hardware, physical and logical disk structures, and computer forensic techniques. Hands-on experiences will be conducted on DOS; Windows operating systems; Macintosh, Novell, and Unix/Linux platforms; and network devices such as switches and routers. Students will build on basic computer skills and gain hands-on experience with the tools and techniques to investigate, seize, and analyze computer-based evidence, using a variety of specialized forensic software in an IBM-PC environment.

IA5240 Ethics, Privacy, and Digital Rights

Understand the legal and ethical issues associated with information security, including access, use, and dissemination. Emphasis is on the legal infrastructure relating to information assurance, such as the Digital Millenium Copyright Act, Telecommunications Decency Act, HIPAA, and Sarbanes-Oxley Act, and on emerging technologies for management of digital rights, such as PCI-DSS. Examine the role of information security in various domains, including healthcare; scientific research; and personal communications, such as e-mail. Also examine such criminal activities as computer fraud and abuse, desktop forgery, embezzlement, child pornography, computer trespass, and computer piracy.

IA7900 Capstone Project

The team project is intended to draw together candidates from diverse backgrounds (technical, legal, and/or law enforcement) in a collaborative activity to address one or more security issues from an integrated perspective. The project is generally oriented toward industry. A project proposal is submitted and accepted prior to the semester in which the project is to be undertaken.


Faculty

Faculty with extensive experience in industry and research teach you the best and latest practices in information assurance.

Themis Papageorge, Information Assurance Program Director and Associate Clinical Professor For ten years before he joined the College of Computer and Information Science, Themis Papageorge was vice president of services at Guardium a market leader in database security, auditing, and monitoring, and at Courion, a leader in identity access management, authentication, and security. He has a total of twenty-five years of corporate experience in technology, planning, and process and system redesign, including twelve years at the Digital Equipment Corporation. He received his PhD in risk management and engineering economics from the MIT Sloan School of Management, an MS in naval architecture and marine engineering from MIT, and a BS in naval architecture and marine engineering from National Technical University of Athens, Greece.

Kevin Amorin received his MS degree in computer science from Northeastern University’s College of Computer Science in 2005. He is currently a solution architect and IT manager at Virtual Computer, a start-up company using virtualization to better manage corporate PCs. His ten years of IT industry experience includes seven years as the network security manager at Harvard University’s Kennedy School of Government.

 

Kyle Courtney received his MS degree in library and information science from Simmons College in 2006 and earned a JD degree from Suffolk University Law School in 2002. In addition to teaching at the College of Computer Science, he is a lecturer for the Northeastern University School of Law. He also has taught at Columbia University School of Law and Emerson College.

Michael Higgins is the chief security officer at the New York Times Company.  A security and risk management executive for two decades, he was most recently the chief security officer at LexisNexis. He also has worked for the U.S. Department of Defense and has been a executive consultant for many Fortune 500 companies, including Citigroup, Time Warner, Sun Microsystems, and British Petroleum. Michael Higgins received a BS in criminal justice from Northeastern University and an MS in engineering from the University of Southern California.

Frederick J. Howell, Jr., MBA, CISSP is a senior information security assurance specialist with the Bose Corporation. He is an experienced information security consultant for Fortune 500 companies and has also worked for the office of the attorney generals in Massachusetts and New Hampshire. He is currently completing his PhD in information assurance at the University of Fairfax in Virginia.

Richard Moore, CISSP, CISM, GPEN received a master's degree in information assurance from Norwich University in 2005. He is an information security consultant for Fortune 500 companies and federal government agencies. His professional credentials include Certified Industry Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Global Information Assurance Certification Penetration Tester (GPEN). He serves on several professional boards and is a contributing author for the fifth version of the Computer Security Handbook.

David LaPorte received his MS degree in information assurance from Northeastern University’s College of Computer and Information Science in 2009. He is the security manager for Harvard University’s network and server systems and a teaching fellow at Harvard University Extension School.

Dennis Treece is the director of corporate security for Massport and responsible for all aspects of security at Logan International Airport. He has over thirty years of security experience and has worked with intelligence, security, and law enforcement agencies at all levels.

Leonard Wisniewski is currently Director of Technology Services for the Institute of Quantitative Social Sciences at Harvard University.   Len has held various engineering and management roles in High Performance Computing at Sun Microsystems, Thinking Machines (acquired by Sun), and Acopia Networks (acquired by F5 Networks).  He received a PhD in computer science from Dartmouth College and has taught at Endicott College, Daniel Webster College, and Dartmouth College.

 

Admission Requirements

Admission to the Master of Science in Information Assurance program requires:

  • A bachelor’s degree
  • Knowledge of basic information technology concepts and mathematics
  • To ensure an adequate background, students are expected to have taken courses or have experience in introductory computer systems and discrete mathematics. If students do not have this preparation, their advisers will assign the necessary prerequisite courses.

The Graduate Record Examination (GRE) is highly recommended for applicants to the MS in Information Assurance program who would like to be considered for financial assistance. A combined GRE score of 1100 and writing score of 3, or a TOEFL score of 250 CBT/100 IBT, is recommended. English tests may be required of international students when they arrive on campus.

Additional Requirements for International Students

International students must submit official scores on the TOEFL examination and a Declaration and Certification of Finances (DCF) form (if applicable).

Application Process

All applicants must submit:

  • A completed application form
  • Three confidential letters of recommendation
  • The application fee of US$50
  • Official transcripts from all colleges/universities attended

The following items must accompany the application:

  • A recent professional resume listing detailed responsibilities in each position
  • A written statement of purpose,career orientation, and expected outcomes and benefits from the program

Admission is granted upon the recommendation of the program's Graduate Committee after a review of complete application materials.

Financial Aid

Eligible students may be considered for financial aid. Provisional, special, and other students are not eligible for scholarships.

Scholarship Programs  

Two scholarship programs that provide full-tuition and stipend are available to qualified U.S. citizens: 

Dean’s Scholarship Program  

The Dean’s Scholarship Program covers tuition according to the following guidelines:

  • Full-time students are eligible for a graduate tuition scholarship of up to one-third of tuition. The maximum dollar amount may not exceed the tuition charged for 4 semester hours in each term of full-time registration.
  • Part-time students are eligible for a graduate tuition scholarship of up to one-quarter of their tuition. The maximum dollar amount may not exceed the tuition charged for 2 semester hours in each term of part-time registration.

For detailed information, contact the Office of Student Financial Services, 356 Richards Hall, 617.373.5899.

Request More Information

For more information please contact msia@lists.ccs.neu.edu