Master in Information Technology- Information Security


Program Description


The Master of Information Technology – Information Security program at Kish campus of the University of Tehran is a graduate professional program that prepares students to work in the high-demand IT security industry.

To achieve the objectives of the program and to enhance students' learning experience, Kish campus provides an Information Security Lab to enhance the curriculum of the program. This lab facility hosts an array of network settings and consists of a variety of network in a secure setting.

The curriculum also provides students with the opportunity to apply core course concepts to a substantial project in the workplace. This plan of study introduces students to the fundamental knowledge of the ever-changing IT security field.

Part A: Core Courses

Part B: Elective Courses (2 Courses must be elected)

Part C: Thesis

Fundamentals of Information Systems Security

Course content:

The Need for Information Security, Information Systems Security, The Internet of Things Is Changing How We Live, Malicious Attacks, Threats, and Vulnerabilities, The Drivers of the Information Security Business, Access Controls, Security Operations and Administration, Auditing, Testing, and Monitoring, Risk, Response, and Recovery, Cryptography, Networks and Telecommunications, Malicious Code and Activity, Information Security Standards, Information Systems Security Education and Training, U.S. Compliance Laws

Applied Cryptography

Course content:

Foundations, Protocol building blocks, Basic protocols, Intermediate protocols, Advanced protocols, Esoteric protocols, Key length, Key management, Algorithm types and modes, Using algorithms, Mathematical background, Data encryption standard, Other block ciphers, Stil other block ciphers, Combining block ciphers, Pseudo-random-sequence generators and stream ciphers, Other stream ciphers and real random-sequence generators, One-way hash functions, Public-key algorithms, Public-key digital signature algorithms, Identification schemes, Key-exchange algorithms, Special algorithms for protocols, Politics

Network Security

Course content:

Computer Network Fundamentals, Computer Network Security Fundamentals, Security Threats and Threat Motives to Computer Networks, Introduction to Computer Network Vulnerabilities, Cyber Crimes and Hackers, Scripting and Security in Computer Networks and Web Browsers, Security Assessment, Analysis, and Assurance, Disaster Management, Access Control and Authorization, Authentication, Cryptography, Firewalls, System Intrusion Detection and Prevention, Computer and Network Forensics, Virus and Content Filtering, Standardization and Security Criteria: Security Evaluation of Computer Products, Computer Network Security Protocols, Security in Wireless Networks and Devices, Security in Sensor Networks, Virtualization Technology and Security, Cloud Computing Technology and Security, Mobile Systems and Corresponding Intractable Security Issues, Internet of Things (IoT): Growth, Challenges, and Security

Secure Computer Systems

Course content:

Introduction to Computer Architecture and Security, Digital Logic Design, Computer Memory and Storage, Bus and Interconnection, I/O and Network Interface, Central Processing Unit, Advanced Computer Architecture, Assembly Language and Operating Systems, TCP/IP, and Internet, Design and Implementation: Modifying Neumann Architecture

Database Security

Course content:

Recent Advances in Access Control, Access Control Models for XML, Access Control Policy Languages in XML, Database Issues in Trust Management and Trust Negotiation, Authenticated Index Structures for Outsourced Databases, Towards Secure Data Outsourcing, Managing and Querying Encrypted Data, Security in Data Warehouses and OLAP Systems, Security for Workflow Systems, Secure Semantic Web Services, Geospatial Database Security, Security Re-engineering for Databases: Concepts and Techniques, Database Watermarking for Copyright Protection, Database Watermarking: A Systematic View, Trustworthy Records Retention, Damage Quarantine and Recovery in Data Processing Systems, Hippocratic Databases: Current Capabilities and Future Trends, Privacy-Preserving Data Mining: A Survey, Privacy in Database Publishing: A Bayesian Perspective, Privacy Preserving Publication: Anonymization Frameworks and Principles, Privacy Protection through Anonymity in Location-based Services, Privacy-enhanced Location-based Access Control, Efficiently Enforcing the Security and Privacy Policies in a Mobile Environment

Security Protocols

Course content:

Preliminaries, Operational Semantics, Security Properties, Verification, Multi-protocol Attacks, Generalizing NSL for Multi-party Authentication, Historical Background and Further Reading

Security Architecture, Design, and Analysis

Course content:

Network security foundations, Designing secure networks, Secure network designs

Advanced Topics in Information Security

Course Contents:

  • Critically evaluate some of the important past and current research that has been undertaken within the information systems discipline;
  • Demonstrate an appreciation of the diversity of research currently being undertaken within the information systems discipline;
  • Identify research articles in the information systems discipline that they might wish to use in their theses or research report;
  • Distinguish among research approaches in the information systems discipline and identify approaches that might be useful in subsequent work.
  1. A Bit of Theory
  2. Coordination in Standards Setting
  3. The Issue of Speed
  4. IPR Problems


  • The Economic Perspective
  • After Standardization

E-Commerce Security

Course content:

Security Testing of an Online Banking Service, Software Security Analysis, New Security Issues in Mobile E-Commerce, Problems in Policing E-Commerce Crime, Strategies for Developing Policies and Requirements for Secure and Private Electronic Commerce, Protocols for Secure Remote Database Access with Approximate 87

Matching, A New Approach to Reasoning about Accountability in Cryptographic Protocols for E-Commerce, Provisional Authorizations

Secure Communication Systems

Course content:

Threats and Solutions, An Introduction to Encryption and Security Management, Voice Security in Military Applications, Telephone Security, Secure GSM systems, Security in Private VHF/UHF Radio Networks, Electronic Protection Measures - Frequency Hopping, Link and Bulk Encryption, Secure Fax Network, PC Security, Secure Email, Secure Virtual Private Networks, Military Data Communication, Management, Support and Training

Secure System Management

Course content:

Challenges in Managing Information Security in the New Millennium , Information Systems Security and the Need for Policy , New Millennium; New Technology; Same Old Right and Wrong , Ethical Elements of Security and Developments in Cyberspace that Should Promote Trust in Electronic Commerce , Cyber Terrorism and the Contemporary Corporation , Addressing Prescription Fraud in the British National Health Service: Technological and Social Considerations , The Irish Experience with Disaster Recovery Planning: High Levels of Awareness May Not Suffice, An Analysis of the Recent IS Security Development Approaches: Descriptive and Prescriptive Implications, Internet and E-Business Security, Assurance and Compliance Monitoring Support, Intelligent Software Agents: Security Issues of a New Technology, Principles for Managing Information Security in the New Millennium

Formal Models and Information Security

Course content:

Running example, Messages, and deduction, Equational theory and static equivalence, A cryptographic process calculus, Security properties, Automated verification: bounded case, Automated verification: unbounded case, Further readings and conclusion

Information Hiding

Course content:

Introduction to Information Hiding, Multimedia Steganography, Steganalysis, Network Steganography, Robust Watermarking, Watermarking Security, Fingerprinting, Fragile and Authentication Watermarks, Media Forensics, Watermarking in the Encrypted Domain

Last updated Mar 2018

About the School

Kish International Campus was established in 2007 in order to facilitate the enrolment of foreign students.

Kish International Campus was established in 2007 in order to facilitate the enrolment of foreign students. Read less