ARIA -- UMASS

Related Links: UMass Amherst | Computer Science Dept |

Department of Computer Science
Academics and Research in Information Assurance


About | Research | Info for Students | Invited Speakers | Our Funding | Scholarships | Contact | Mission Statement

We are constantly increasing our reliance on computers for managing information from tasks both great and small. In scenarios ranging from our personal lives to our nation's critical infrastructure, the security and privacy of information is a fundamental challenge in computer science.

The Department of Computer Science offers to its B.S. students the chance to complete a concentration in Information Assurance. The IA concentration requires no additional courses within the major. Our courses are taughy by faculty doing cutting-edge research in security and privacy, including Kevin Fu, Brian Levine, and Gerome Miklau. We encourage students to not only take our classes, but to get involved in undergraduate research with these professors.

 

If you would like to enroll, please fill out this form, and place it in Priscilla Scott's mailbox in the main office of the Department of Computer Science . Even if you have not taken a single class yet, we'd still like to know that you are interested in the concentration. You are under no obligation to complete the concentration if you turn in the form.

The mailing list for students interested in the concentration and for students enrolled in the concentration is iaconc@cs.umass.edu (Info Assurance Concentration).

TO SUBSCRIBE: Send "subscribe iaconc" to majordomo@cs.umass.edu. You are welcome to subscribe even if you are not currently planning to complete the IA concentration.

Students who have achieved this distinction have completed the following requirements (in addition to the normal required classes for the BS, which includes Operating Systems, Discrete Math, etc). Note that we've dropped the 445 requirement.

  1. CS 453: Introduction to Computer Networks
  2. CS 415/491S: Introduction to Computer and Network Security
  3. One of following courses:
    • CS 591D: Applied Crypto Next offered Spring 2008 (Fu). This class has a term project.
    • CS 491C: Computer Forensics Next offered Fall 2008 (Levine). There will be an option to do a project in this class.
    • CS 615/691cc: Advanced Information Assurance Next offered in Fall 2007 (Fu/Levine). This course will not be offered again until Fall 2009. Please plan accordingly.
    • A project-oriented class. The project must be on an information assurance topic even though the class does not need to be. (To avoid all problems later, please pre-approve your IA project with Brian Levine or Robbie Moll.)
      • Example courses include CS 496 (Independent study) and 499Y/499T (Honors research or honors thesis). You are required to get a B- or better.
      • For the Fall 2006 semester: Other classes that offer security oriented projects are CS453 (Venkataramani), CS445 (Miklau), CS535 (Weems). You are required to get a B- or better in the class.
      • CS 691*: that is, a graduate-level seminar on security. These are offered from time-to-time, but are not regularly scheduled. You are required to get a B- or better and the seminar must include a term project.
      • A course we don't know about: come see Brian Levine if you want pre-approval for a course we are unaware of, for instance one offered at another of the Five Colleges or another department at UMass. The course must have a term project in security --- the course itself does not have to focus on security.
 

If you are interested in Information Assurance, but are not interested in the concentration just yet, the following Computer Science courses have IA content or background materials:

  • CMPSCI 311: Introduction to Algorithms, including an survey of crypto techniques, public-key crypto, RSA.
  • CMPSCI 377: Operating Systems: Encryption, Key distribution, Replay attacks and nonces, Authentication (passwords, tokens, biometrics), Authorization and Capabilities, Principles of Design (Least Privilege, Defense in Depth), Hidden Channel Attacks, Buffer Overflows and Trojan Horses
  • CMPSCI 445: Information Systems
  • CMPSCI 453: Computer Networks: principles of cryptography; authentication; integrity; key distribution and certification; firewalls; attacks and countermeasures; case studies.
  • CMPSCI 491Q: Systems Building for Mobile Devices: any project chosen by students can involve security.
  • CMPSCI 415: Introduction to Computer and Network Security: ethics; fundamental defs; basic crypto tools, hardening linux systems; Risk assessment; CVE; policy; secure programming; TCP/IP vulnerabilities; Firewalls; securing DNS; anonymous routing; malware; monitoring; IDS; incident handling; system recovery; symmetric/asymmetric crypto; hashes; key management; sigs; kerberos; PKI/SSL/VPN; kerberos implementations; DOS/DDOS; wireless security.
  • CMPSCI 530 Programming Languages
  • CMPSCI 591D Applied Cryptography covers the foundations of modern cryptography and the humility of building practical cryptographic systems. Topics include fundamentals of cryptography, applications, attacks, and theory. The class draws on material from public key cryptography, hash functions, symmetric cryptography, and other timely topics -- primarily from number theoretic, performance, and definitional perspectives.
  • CMPSCI 591G Computer Networking Lab; router security.
  • CMPSCI 615 Advanced Information Assurance
  • CMPSCI 653 Advanced Computer Networking
  • CMPSCI 677 Advanced Operating Systems