Information and Communication Systems Security
Starting Date: October 2022
Duration: 3 semesters (part time: up to 6 semesters)
Security and Privacy: Common Goals
The MSc in Information and Communication Systems Security addresses specialists, researchers and executives from public or private administrative or decision-making organisations. The MSc programme aims at training students in the area of information and communication systems security, as well as in privacy protection technologies. Overall, the programme has been planned taking the following points into consideration:
- Information security and privacy have become common goals across both services and systems.
- Specialized staffing needs for career development opportunities.
- There have been advances in information technologies and telecommunications and an increase in the vulnerability of the services offered.
- The MSc offers a great opportunity for developing background knowledge for further PhD studies.
The major goal of the MSc in Information and Communication Systems Security is not only advancing and spreading scientific knowledge, but also producing graduates who will be able to address national needs in education, research and development. More specifically, the goals of the MSc programme are the following:
- be able to advance the science and research in the area of e-government.
- Training and preparation of students and researchers in order to be able to stimulate the development of Greece and Greek businesses within an information society
- be able to pursue PhD studies in the field of e-government.
- Close collaboration between the academic community and those businesses aiming at the adoption, use and dissemination of cutting-edge technologies in information security and privacy protection technologies
- Collaboration with Greek, European and international organisations that deal with information security and privacy protection technologies
The graduates of the MSc in Information and Communication Systems Security will be able to:
- design, set up, implement, analyze, evaluate and manage security and privacy protection systems.
- understand all individual parameters of the development, management and evaluation of a secure information and communication system.
Είναι ικανός να:
- participate in research and development projects in the field of information security and privacy protection technologies, generating new areas of knowledge.
- participate creatively and constructively in development projects in the field of information security in both the public and the private sector.
- compare and evaluate digital goods and services in the field of security and privacy protection, having a solid background knowledge of modern technologies on this subject. // manage and supervise complex and demanding projects.
This postgraduate programme is in accordance to the clauses of Law 4485/17, in combination with Law 4009/11, and is subject to the Regulations of Studies for the postgraduate programmes of studies, effective after their validation from the University’s Special Configuration Senate. Greek Government Gazette issue for the establishment of the postgraduate programme: 2778/B/12.07.2018
Entry Requirements – Candidates Evaluation
- Degree or diploma holders in informatics and communications, engineering, sciences or equivalent fields of study, from Greek universities or Technical Educational Institutions, or international institutions that are officially recognized by the Greek state
- Graduates from Greek military higher education institutions (Article 88 of Law 3883/2010, Greek Government Gazette issue 167/24-9-2010, Α)
- Graduates from the Officers School of the Hellenic Police Academy (Article 38 of Law 4249/2014, Greek Government Gazette issue 73 Α)
|Course ID: 3001||Computer and Communication Networks Security||ECTS: 7.5|
|Introduction to computer network security: threats, vulnerabilities, countermeasures, assurance. PKI technologies and services. Authentication, authorization and accounting (AAA). OSI/ISO network security architecture: security services, security mechanisms, security management. Internet model security architecture: network layer security, Internet layer security, transport layer security, application layer security. Applications. Firewalls: capabilities and limitations, design issues, firewall architectures, network level firewalls, application level firewalls, hybrid and next-generation firewalls. Applications. Distributed authentication systems: Kerberos. Intrusion detection and prevention systems. Privacy enhancing technologies. Censorship on the web. Secure electronic payment systems. Middleware security. Intellectual property rights security. Electronic voting systems security.|
|Course ID: 3002||Cryptography||ECTS: 7.5|
|Introduction to number theory, prime numbers, finite fields, modular arithmetic, Chinese remainder theorem, one-way functions, historical cryptographic algorithms, one-time pad, public-key cryptography (RSA, Rabin, ElGamal, elliptic curves), key management, Diffie-Hellman key agreement, stream ciphers, block ciphers, hash functions, digital signatures with appendix, digital signatures with message recovery.|
|Course ID: 3003||Database Systems Security||ECTS: 7.5|
|Discretionary and mandatory access control; security and privacy protection using capabilities of the SQL language; role-based access control; multilevel secure database management system architectures. Digital watermarking and fingerprinting in relational databases. Surviving information warfare attacks on databases, intrusion detection, data corruption and database recovery. Database models, architectures, mechanisms and policies that ensure data security, privacy preservation, confidentiality protection, integrity and availability. Translucent and encrypted databases, retrieval of encrypted data. Security in statistical, object-oriented, distributed and medical databases. Big data security. Data security and privacy protection in online social networks. Case studies: Oracle database, Microsoft SQL server, IBM DB2, MySQL, etc.|
|Course ID: 3004||Digital Forensics||ECTS: 7.5|
|The course offers an introduction to the concept of digital forensics, emphasizing the acquisition and analysis of artefacts in computer networks (network forensics). More precisely, the course presents the main characteristics of evidence acquisition and analysis from networks, as well as the research trends in the field over time. The contribution of intrusion methods in the field is analyzed as well. The course also covers concepts related to forensic methods in popular mobile platforms (Android, iOS) and the respective research progress. Lastly, case scenarios are employed so as to present the most important techniques and tools for forensic acquisition, analysis and presentation of digital evidence in computers, networks and mobile devices.|
|Course ID: 3005||Information Law||ECTS: 7.5|
|ICTs and society – ICT as a new paradigm and the relationship of society, law and technology. Privacy, confidentiality/secrecy and the relation to information and systems security. Specific issues of data security and data protection: employees’ monitoring, surveillance in the public place, privacy protection on the Web (search engines, social networking, etc.). Data protection and privacy enhancing technologies / privacy by design. Freedom of speech, rights and powers in the information society – blogs/forums, filtering and censorship. Intellectual property in the information society: software and database protection, open source, licenses, issues relating to peer-to-peer. Cybercrime and computer crime: ethical, social, legal and economic aspects. Penal law and information and communication technologies. Computer/Internet forensics. E-democracy, e-governance and e-voting.|
|Course ID: 3006||Information Systems Security Management||ECTS: 7.5|
|Introduction to information systems security management. Information security policies. Risk analysis and management. Developing the security program. Security management models and practices. Standardization and international information security standards. Awareness and training. Organisational aspects and personnel issues.|
|Course ID: 3007||Wireless and Mobile Networks Security||ECTS: 7.5|
|Mobile network security: GSM and UMTS security architecture, UMTS access security, mutual authentication procedures, authentication vectors, periodic authentication, user identity management, UTRAN protocol structure (physical layer, link layer, network layer), UTRAN encryption, protection of C-plane and associated treats, vulnerabilities and attack vector, interworking, 3G core network domain security, UMTS IMS subsystem security issues. Introduction to EPS (SAE/LTE/LTE-Advanced) architecture, interfaces, authentication, key hierarchy, protection of U-plane/C-plane (AS, NAS strata). Advanced IEEE 802.11 and 802.16 security: protocols, vulnerabilities, and attack description, defensive strategies, authentication and authorization. State-of-the-art: heterogeneous wireless network security. Privacy-preserving methods in 4G: framework, technologies and case studies.|
|Course ID: 3008||Future Internet Security and Privacy||ECTS: 7.5|
|Future Internet security. Foundations of information privacy. Privacy enhancing technologies. RFID technology: Security and privacy protection. Sensor networks security. Cloud computing models. Risks and vulnerabilities. New security solutions. Security and privacy protection for smart environments, implantable devices and embedded systems.|
|Course ID: 3000||MSc Thesis||Compulsory||ECTS: 30|
- Database Systems Security
- Information Law
- Future Internet Security and Privacy
- Computer and Communication Networks Security
- Digital Forensics
- Information Systems Security Management
- Wireless and Mobile Networks Security
|Computer and Communication Networks Security||1||Assistant Professor|
|Database Systems Security||1||Associate Professor|
|Digital Forensics||1||Konstantia Barbatsalou|
|Information Law||2||Information Law|
|Information Systems Security Management||2||Associate Professor|
|Wireless and Mobile Networks Security||2||Professor|
|Future Internet Security and Privacy||2||Assistant Professor|
Fees and Funding
Successful applicants for the postgraduate studies programme are required to pay tuition fees, in accordance with Article 35 of Law 4485/2017. The tuition fees amount to €3,000 and can be paid in three installments. The tuition fees cover operational expenses of the postgraduate programme of studies, including needs in specialist teaching staff from universities in Greece or abroad. Tuition fees payment can be made as follows: €500 within 15 days of the announcment of the results, €1,000 within 15 days after the student’s admission to the 1st semester of studies (early October) and €1,500 at the beginning of the second semester (February). Credit card payments are accepted. No refunds can be given for fees or part of fees that have already been paid.
The postgraduate studies programme may offer a number of grants, conditional on academic performance, to full-time students. The amount of funding, requirements, method of funding, as well as the rights and responsibilities of grant-holders are decided by the Department’s Assembly (par. 4, Article 35 of Law 4485/2017).
The full-time study programme is completed in three semesters and combines blended and model types of learning, including: [a] a five-day intensive lecture cycle held at the Department’s premises at the beginning or the end of every academic semester (October, January, June), [b] an online learning environment that supports the learning process during the first two semesters. The third semester is reserved for the completion of the MSc thesis. Class attendance and participation in any educational activity, such as projects, assignments, etc., is compulsory.
The full-time study programme is completed in three academic semesters, including the writing of the thesis. The maximum permissible time for the completion of the full-time programme is six semesters.
Working students may choose to study part-time. Working students have to prove that they work at least 25 hours per week and provide a work contract or certificate. Part-time study is also suitable for non-working students who cannot meet the demands of studying full-time, due to health or family issues, military service, or other personal reasons. Those students should send a written request to the Department’s Assembly before the start of the MSc programme. The duration of the part-time study programme must be no longer than six academic semesters.
How to Apply
Applicants are required to fill in a candidacy application form, attaching the following documents:
- A copy of their ID or passport
- A CV
- A copy of their degree/diploma or a certificate of studies completion
- Peer-reviewed publications, if there are any
- Certificates of professional or research activities, if there are any
- Two references
- A copy of the candidate’s undergraduate dissertation or its title and abstract if it has not been completed; in case the candidate was not required to write a dissertation during their undergraduate studies, they should mention so in writing
- Proof of English language competency equivalent to or higher than B2 level (according to the Common European Framework of Reference for Languages)
- Any other document that the candidate believes it might support their application
The application and all digital copies of documents must be submitted online on the “Nautilus” platform (https://nautilus.aegean.gr/). Hard copies can be submitted in person during admission.
Hours: 14:00 – 17:00 & 18:00 – 21:00
Monday 14/6: Information Systems Security Management
Tuesday 15/6: Future Internet Security and Privacy
Wednesday 16/6: Wireless and Mobile Networks Security
Thursday 17/6: Information Law
Remote lectures: 18:00 – 20:00
Monday: Information Systems Security Management (G. Stergiopoulos)
Tuesday: Future Internet Security and Privacy (P. Rizomyliotis)
Wednesday: Wireless and Mobile Networks Security (G. Kambourakis)
Thursday: Information Law (L. Mitrou)
|2||22-25/2/2021||1st Lecture: Remote|
|3||1-4/3/2021||2nd Lecture: Remote|
|4||8-11/3/2021||3rd Lecture: Remote|
|6||22-25/3/2021||4th Lecture: Remote|
|7||29/3 – 1/4/2021||5th Lecture: Remote|
|8||5-8/4/2021||6th Lecture: Remote|
|9||12-15/4/2021||7th Lecture: Remote|
|10||19-22/4/2021||8th Lecture: Remote|
|13||10-13/5/2021||9th Lecture: Remote|
|14||17-20/5/2021||10th Lecture: Remote|
|15||24-27/5/2021||11th Lecture: Remote|
|16||31/5 – 3/6/2021||Assignment examination|
|18||14-17/6/2021||Spring Semester Exams|
|Easter Holidays||26/4 – 7/5/2021|
The specialized knowledge that I acquired from the MSc in Information and Communication Systems Security helped me find employment, right after my graduation, in the security department of one of the country’s biggest corporations.
The direct contact with my professors allowed me to gain knowledge about theoretical and applied research issues in the area of information systems security. I have been working in the Joint Research Centre of the European Union for a number of years now.
Studying for the MSc in Information and Communication Systems Security and pursuing a doctoral diploma in the same area of studies truly provided me with useful knowledge and experience, allowing me to successfully meet the requirements of academic research on an international level.