University of Minnesota Information Assurance Center
Director: Zhi-Li Zhang
Associate Directors: Nicholas Hopper, Yongdae Kim
Advisory Committee: Vipin Kumar, Andrew Odlyzko, Paul Garrett, Mos Kaveh
Mission
The UMIAC's mission is to improve information security research and
education in the upper midwest region. Our official charter has been recognized by the Institute of Technology,
within the university of Minnesota. UMIAC faculty are engaged in
numerous research and educational activites related to information
assurance.
Events, etc.
Faculty
- Zhi-Li Zhang,
Associate Professor, Computer Science & Engineering
- Nick Hopper,
Assistant Professor, CSE
- Yongdae Kim, Assistant
Professor, CSE
- Andrew Odlyzko,
Professor, Mathematics and Director, DTC
- Paul Garrett,
Professor, Math
- Vipin Kumar,
Professor and Department Head, CSE
- Jaideep Srivastava,
Professor, CSE
- Dan L.
Burk, Professor, Law
- Laura Gurak,
Professor and Department Head, Rhetoric
- Mats Heimdahl,
Associate Professor, CSE
- Ahmed Tewfik,
Professor, Electrical and Computer Engineering
- Anand Tripathi,
Professor, CSE
- Gerald Sobelman,
Professor, ECE
Education
The university of Minnesota offers several IA "Core
courses." In addition, many other courses
include content on information assurance. Brief descriptions of these
courses are included below. Many of these courses have associated
web pages. They can be found by looking through the archive here, or searching
for the course number here.
Beginning in 2005, the computer science department will be
offering concentrations in information
assurance at the Bachelor's, Master's, and Ph.D. level. The
descriptions of these programs appear in the undergraduate and graduate
guidebooks; students may fulfill these concentrations by filing a
degree plan consistent with the requirements.
Core IA courses:
- CSci 5471 - Modern Cryptography: Introduction to
cryptography. Theoretical foundations, practical applications. Threats,
attacks, and countermeasures, including cryptosystems and cryptographic
protocols. Secure systems/ networks. History of cryptography,
encryption
(conventional, public key), digital signatures, hash functions, message
authentication codes, identification, authentication, applications.
- CSci 5271 - Introduction to Computer Security:
Introduction; Risk Analysis, Cryptography, Identification,
Authentication, Access Control, Access Control, Security Policies,
Architecture, OS Security, Security Standards, Malware - Viruses &
Worms, Network Security, Intrusion Detection & Denial of Service,
Web Security, SSL, Database & Distributed System Security, Database
Security & Privacy, Privacy, Legal & Economic issues, Forensics
& Ethics
- CSci 8271 - Security and Privacy in Computing: Recent
security/privacy issues in computer systems/networks. Threats, attacks,
countermeasures. Security research, authentication, network security,
wireless security, computer system security, anonymous system,
pseudonym, access control, intrusion detection system, cryptographic
protocols. How to pursue research in security and design secure systems.
- IDSC 6490 - Information Security and Reliability: Concepts
and issues of security and data integrity threats that undermine the
utility, robustness, and confidence in electronic technologies in
facilitating business transactions. Security threats and solutions for
everyday business processes. Leveraging existing security technology
investments to benefit a range of business functions.
- CSci 8980 - Advanced Cryptography: theoretical foundations of
cryptography. Computational one-wayness, pseudorandomness, and
zero-knowledge; Formal models of security for encryption and message
authentication; Advantages and disadvantages of the “random oracle
methodology;” Secure multiparty computation.
Other courses with IA content:
- CSci 3921W - Social, Legal, and Ethical Issues in Computing:
Philosophical Ethics, Freedom of Speech, Intellectual Property,
Privacy,
Crime and Security, Computer Reliability, Work and Globalization,
Professional Ethics
- CSci 4211 - Introduction to Computer Networks: Concepts,
principles, protocols, and applications of computer networks. Layered
network architectures, data link protocols, local area networks,
routing, transport, network programming interfaces, networked
applications.
- CSci 4707 - Practice of Database Systems: database design,
facilities for database security/integrity
- CSci 5103 - Operating Systems: Conceptual foundation of operating
system designs and implementations. Relationship between operating
system structures and machine architectures. UNIX implementation
mechanisms as examples.
- CSci 5131 - Advanced Internet Programming: Issues in internet
programming. Java programming, concurrent programming,workflow,
distributed databases, security, collaborative computing,
object-oriented architecture/design, network publishing, messaging
architecture, distributed object computing, intranets.
- CSci 5707 - Principles of Database Systems: models of database
security/integrity
- CSci 5708 - Architecture and Implementation of Database
Management Systems: disaster recovery, distribution, security, integrity
- CSci 5801 - Software Engineering I: Advanced introduction to
software engineering. Software life cycle, development models, software
requirements analysis, software design, coding, maintenance.
- CSci 5802 - Software Engineering II: Introduction to software
testing, software maturity models, cost specification models, bug
estimation,software reliability models, software complexity, quality
control, and experience report.
- CSci 8101 - Advanced Operating Systems: RPC models, RMI,
Message-oriented Middleware, Streams, Schedule, Activations,
Processes/Threads, Network Services and Embedded Systems, XML, Web
Services, .Net, Jini, Embedded Systems, Naming, Synchronization,
Transactions, Consistency and Fault Tolerance, DFS, Security, Grid/P2P
computing
- MATH 5248 - Cryptology and Number Theory: Simple ciphers,
Counting and Probability, Permutations, Vigenere Cipher, LCMs and GCDs,
DES and AES, Integers, Intro to PK: RSA, Diffie-Hellman key exchange,
ElGamal cipher, Roots Mod Composites, Factorization, Pseudo Random
Number Generators
- Math 5251 - Error-correcting codes and finite fields: A
Little Probability, Information and Entropy Codes, Noiseless Coding
Theorem, Noisy Coding Theorem, Cyclic Redundancy Checks, A Nonlinear
Example, Some Algebra, Intro to Linear Codes, Bounds for Codes, Finite
fields, Polynomials over finite fields, Cyclic Codes, Cyclotomic
polynomials, Primitive polynomials More on finite fields, Reed-Solomon,
BCH Codes Concatenated Codes, Justesen Codes, Curves and Codes
- RHET 3401 - Internet Communication: Tools and Issues: The
Internet: What’s it for? Research and the Internet, Tools, Identity on
the screen, Email and work, Security and privacy, Community in
cyberspace, Intellectual Property, Peer-to-peer
- RHET 3577 - Rhetoric, Technology, and the Internet: The Internet
from a rhetorical perspective. How the Internet is changing language,
power to persuade, scientific/technical knowledge, and legal issues
such as copyright, privacy, and free speech. Emphasizes how
scientific/technical information is conveyed on the Internet. Ethical
issues specific to use of computers.
Concentrations in IA
- Upper division emphasis for CSci has a concentration
in Computer
and Network Security. Students who want to have network security emphasis are required to take CSci 4211, 5103,
5271, CSci 5471 or Math 5248, and one of CSci 3921, Rhet 3577, Phil 3602.
- The director of graduate studies has
approved MS and PhD concentrations in IA:
- The M.S. concentration in Computer and Network Security requires
the following courses: CSci 5211, CSci 5271, CSci 5471 or CSci 8271, CSci 5707, CSci 5421 or 5403, and IDSc 6490.
- The Ph.D. concentration in Computer and Network Security
requires completion of the M.S. concentration, plus
CSci 8211 and a Ph.D. thesis related to security.