1. Interdisciplinary MS in Information Assurance Jim Wolfe Computer Science Department Indiana University of Pennsylvania EPASEC 2006

2. Overview 3-Track Rationale Program Design Interaction of Disciplines Student and Facility Requirements Delivery Status

3. The Big Security Picture BackgroundFunction Computer ScienceImplementers of information security policy Business & GovernmentDefiners of information security policy CriminologyInvestigators of information security policy violations

4. 3-Track Program Personnel with all three backgrounds must work within the constraints of the law, normal business practice, and system capability. All must work cooperatively. An interdisciplinary program requires the three groups to interact as they learn about information assurance.

5. Program Design Four components to each track: Core Required courses for the track Electives for the track Synthesis

6. Core Everybody gets a little of everything* BTST 665Information Security in the Enterprise COSC 616 Practice of Information Assurance CRIM 640 Cyberlaw and Ethical Issues IFMG 671 Information Systems Audit, Control & Security Practices PLSC 640 Information Assurance Policy *Exceptions are possible based on background

7. Computer Science Track Requirements COSC 627 Applied Cryptography COSC 635 Operating System Security CRIM/COSC 641 Digital Forensics COSC 656 Advanced Network Security

8. Business Track Requirements BTST 666Strategies for Delivering Security Information, Policies and Procedures IFMG 672 E-Commerce Security Development and Investigation BTST/IFMG 663Project Management for Information Technology Professionals

9. Criminology Track Requirements CRIM/COSC 641 Digital Forensics CRIM 642 Applied Research Methods CRIM 643 Theoretical Explanations of Cybercrimes CRIM 645 The Dynamics of Cybercrime

10. Computer Science Track Electives (choose two) COSC/IFMG 619 Secure Business Software COSC 658Wireless Network Security COSC 670Formal Methods CRIM 642Applied Research Methods IFMG 672E-commerce Security Development and Investigation

11. Business Track Electives (choose three) BTST 667 Physical Protection of Technology Assets BTST/IFMG 668 Secured Business Information Technology Infrastructure BTST/IFMG 669Records and Information Security and Quality Management BTST 670 Administrative Communication BTST 681Special Topics IFMG 681 Special Topics in Management Information Systems COSC/IFMG 619 Secure Business Software CRIM/COSC 641 Digital Forensics

12. Criminology Track Electives (choose two) CRIM 610Legal Issues in Criminology CRIM 630Seminar in Administration and Management in Criminal Justice CRIM 665Criminal Justice Planning and Evaluation CRIM 681Special Topics CRIM 699Independent Study CRIM 717Advanced Qualitative Methods CRIM 718Quantitative Strategies for Analysis in Criminology CRIM 730Ethical and Philosophical Issues in Criminology

13. Synthesis (691) Project oriented Ideal teams have students from each track Application of theory to a practical situation; e.g. develop a complete security policy with a specification for implementation and an associated risk analysis for a business.

15. Prerequisite Knowledge (for Computer Science) Undergraduate courses in each of the following areas: Data Structures and Algorithms Software Engineering Data Communications and Networks Operating Systems

16. Resource Requirements Must add faculty Little upgrading of the facilities for undergraduate courses needed Better lab management practices needed to allow graduate courses to share with undergraduate

17. Delivery Cohort approach, with some flexibility Offering design: Fall – Spring – Summer – Fall Courses offered no more than once per year Course content structured to avoid prerequisites Synthesis done last, with coaching in earlier courses Gradual incorporation of online courses

18. So, where are we now? Approved by three colleges (after a few delays) Going to the Graduate Curriculum committee Planned to start in Fall 2007