The Department of Computer Science's MS degree in Information Security and Assurance prepares graduates to fill the current and future need for information security and assurance professionals. Graduates work in a wide variety of capacities, protecting the information systems of different types of organizations and supporting the nation's information infrastructure. The Master of Science in Information Security and Assurance provides students with the general and technical knowledge and skills to understand the relationship between information security and advancing information systems technology. The program gives graduates a theoretical understanding of the science and methodologies for ensuring the secrecy and integrity of data, as well as the availability and legitimate use of data and information systems.

Students focus on the technical and management aspects of information security and examine ways to provide secure information processing systems by investigating operating systems security, distributed secure system architectures, database security, software applications security, security policies, secure e-commerce, network and distributed systems security, cryptography, and security protocols. Graduates of the program are actively recruited by federal, state, and local governments, as well as the private sector. Typical employers include Internet-based companies, software companies, banks and insurance companies, and in general any organization that depends heavily on the use of IT. All classes are scheduled in the late afternoon and early evening to accommodate employed students.

Degree Requirements

Students are required to complete 30 credits corresponding to 10 graduate courses.

To provide the necessary background and fundamentals of information systems security and assurance, the program has three core courses (9 credits) that are required of all students. To continue in the program, students are required to obtain a B- or better grade in the core courses.

  • ISA 562 Information Security Theory and Practice
  • ISA 656 Network Security
  • INFS 612 Principles and Practice of Communication Networks OR CS 555 Computer Communications and Networking
    • Note: Students selecting the Network and System Security concentration must take CS 555.

Students must choose a concentration: Network and Systems Security or Applied Cyber SecurityStudents fulfill the requirements of a concentration by completing five courses from one of the two options below.

Network and System Security Concentration (15 credits)

  • ISA 564 - Security Laboratory (required)

AND four courses from the list below:

  • CS 530 - Mathematical Foundations of Computer Science
  • CS 531 - Fundamentals of Systems Programming
  • CS 571 - Operating Systems
    • Students who want to take CS 571 but have not taken CS 367 or equivalent, are advised to take CS 531 before CS 571.
  • CS 779 - Topics in Resilient and Secure Computer Systems
  • ISA 673 - Operating Systems Security
  • ISA 674 - Intrusion Detection
  • ISA 681 - Secure Software Design
  • ISA 763 - Security Protocol Analysis
  • ISA 764 - Security Experimentation
  • ECE 646 - Cryptography and Computer Network Security
  • ECE 746 - Advanced Applied Cryptography

Applied Cyber Security Concentration (15 credits)

At least three of the five courses must be designated ISA or CS.

  • CS 667 - Biometrics and Identity Management
  • ISA 650 - Security Policy
  • ISA 652 - Security Audit and Compliance Testing
  • ISA 681 - Secure Software Design
  • ISA 763 - Security Protocol Analysis
  • ISA 785 - Research in Digital Forensics
  • CFRS 663 - Operations of Intrusion Detection for Forensics
  • CFRS 761 - Malware Reverse Engineering
  • CFRS 780 - Advanced Topics in Computer Forensics
  • ECE 646 - Cryptography and Computer Network Security
  • ECE 746 - Advanced Applied Cryptography

Electives (6 credits)

The remaining two courses required for the program may be chosen from any combination of (i) courses at the ISA 500, 600 and 700 level  (ii) courses at the CS 500, 600, and 700 level and (iii) from the list of preapproved electives. Students may choose other graduate electives with the consent of their faculty advisor and the director of the MS-ISA program.

Thesis (optional):

Students, with the consent of a faculty sponsor and faculty advisor, may also elect courses in individualized study, special topics, or a 6-credit thesis (ISA 799). The thesis must be guided and approved by a committee of three appropriate faculty members and presented at an appropriate forum. 

Additional Information

For additional information on the degree requirements of the MS in Information Systems:

  • The MS-ISA section of the Mason Catalog is the official source for the degree requirements of the program.
  • These slides from the orientation for new MS students provide an overview of the program, as well as additional useful information.

Academic Advising

A plan of study form for the MS degree should be completed and submitted by the student soon after admission to the program. This serves as a planning guide for the student. This plan should be kept up to date by regular consultation with the academic advisor. A final signed version of the plan must be included when the student submits a graduation application.

Plan of Study forms for all the MS degrees offered by the CS department are available at this web page.

For more information, please see the academic advising pages and the FAQ for Masters students.