General information

• Information security at Royal Holloway
  • Research environment
  • Queen's Anniversary Prize
• General information about the MSc
  • Duration and structure of course of study
  • Entry requirements
  • Overview of programme: the two pathways
  • Examinations
  • Degree classification scheme
  • Curriculum development
  • Student support
  • David Lindsay Prize
  • Student Handbook
    

Information security at Royal Holloway

Research environment

The ISG is an interdisciplinary research group of computer scientists and mathematicians. It is one of the largest academic security groups in the world (with more than 20 established academic posts) and has strong links with a number of industrial and government institutions. The reputation of the ISG was further enhanced when it received a score of 5 in the recent Research Assessment Exercise. Successful completion of the M.Sc. may allow students to progress to a postgraduate research study in the field or a related area.

A dedicated network of workstations enables MSc students to perform security specific investigations. These 24-hour lab facilities are available exclusively for the MSc students. In addition, students may also use the Computer Centre's facilities. This provides access to a number of PC labs. Students have free access to the Internet including web browsers, file transfer, and electronic mail. The lab facilities have been extended recently to incorporate a penetration testing laboratory. This new facility allows students to explore newly emerging threats and protection mechanisms.

Queen's Anniversary Prize

The Queen's Anniversary Prizes for Higher and Further Education recognise and reward the outstanding contribution that universities and colleges in the United Kingdom make to the intellectual, economic, cultural and social life of the nation. The Prizes are awarded within the national honours system.

The 1998 Prizewinners were presented with their Gold Prize and illuminated Certificate by Her Majesty The Queen and HRH The Duke of Edinburgh on the morning of 11 February 1999 at a ceremony at Buckingham Palace. The same evening, the Prizewinners were honoured in a celebration at the Guildhall in the City of London attended by leaders in government and education, industry and commerce from this country and around the world.

One of the 1998 prizes was awarded to Royal Holloway, University of London, in recognition of the work of the Information Security Group. The Prize Citation is as follows:

 

This pioneering Group provides a unique national resource for the training of information security specialists and the development of highly secure communications and computer systems. It offers world-leading independent expertise in a field of national importance where trust and integrity are paramount.

 

General information about the MSc

Duration and structure of course of study

Course duration:

Full-time: one full academic year (50 weeks).

Part-time: two full academic years (100 weeks).

CPD : up to seven years.

Project Submission: September (week 50 of the academic year).

Course structure:

Full-time students:

In their first term, full-time students will take the four core modules that are appropriate for their chosen pathway, and two or more optional modules in their second term.

Part-time and CPD students:

Course modules are delivered by weekly lectures timetabled to enable part-time students to attend lectures at most one day per week throughout their course of study. In their first year, part-time students will normally take two of the four core modules in the first term, up to two optional modules in the second term, and the examinations for these modules in the third term. In their second year, they will take the other two core modules in the first term, up to two optional modules in the second term, and the examinations for these modules in the third term. Part-time students will normally submit their projects in their second year.

Course modules delivered by Block Mode are available in alternate years to enable a student to complete the core modules and their chosen optional modules within two years.

CPD students:

Students may attend modules delivered by weekly lectures, by Block Mode, or by Distance Learning, over a period of up to seven years. 

Entry requirements

Students should:

• hold a second class honours degree or equivalent, in a relevant discipline, from a university or other institution acceptable to the University of London (a relevant discipline includes, but is not restricted to, computer science, electronics, information systems and mathematics) and
• have an advanced level of ability in English. For this purpose, applicants whose native language is not English and whose education has not been delivered in English, may be required to pass, or to have passed within the last five years, at the appropriate level, a test of proficiency in English acceptable to the University.

Students without such a degree but with appropriate industrial experience should also apply.  If their experience indicates that they have the background and talents for success in the modules then they may be admitted to the programme.

Some of the modules require some technical understanding, particularly that of computer networks and systems, and also some elementary mathematics. However, no sophisticated mathematics or scientific skill is required and  tutorials will be offered during the first few weeks of the term to cover the necessary material for those students without degree level experience in these aspects,

Overview of programme: the two pathways

The MSc can be studied through two distinct pathways:

• Main Pathway
• Secure Digital Business Pathway

The Main Pathway through the MSc places considerably more emphasis on Computer and Network Security, whereas the Secure Digital Business Pathway focuses on security infrastructures and legal aspects. Each pathway has its own set of prescribed (core) modules which are listed in the diagram below.

The MSc degree is taught in course modules. Each module usually consists of three hours of lectures per week, sometimes with tutorials and practical work. As a general rule these lectures are all held on the same day. The duration of a module is one term, which amounts to eleven weeks of lectures (in the first term there is an additional week for induction purposes). As mentioned above, the modules are timetabled to be convenient for part-time students, so that they can attend classes one day per week. For such students this implies a total of 44 days of lectures spread over two years.

The curriculum for the MSc degree consists of six taught modules and a project. Of the six taught modules, four are mandatory core modules and the other two are optional modules chosen by the student from a list of options. The four core modules will be taught in the first term, and the optional modules will be taught in the second term; examinations for all modules will take place in the third term. The project must be submitted by the Friday of the 50th week of the academic year.

The MSc degree thus has three main elements:

• a core element, made up of the four core course modules;
• an options element, made up of the two optional course modules, and
• a project element.

 

Each element will be separately assessed, and the assessments will then be combined to yield the final degree result.

All of the available modules and their relationship to the two pathways are summarised in the next diagram. Note that the two pathways share two modules, namely Security Management and Introduction to Cryptography and Security Mechanisms.
 

 

The project and the optional modules give students the opportunity to pursue their own interests in more detail.

The project is a major individual piece of work. It can be of academic nature and aim at acquiring and demonstrating understanding and the ability to reason about some specific area of information security. Alternatively, the project work may document the ability to deal with a practical aspect of information security.

Modules are continually reviewed and revised to keep them up to date with current thinking and practice. All statements made here are subject to University and College regulations.

Examinations

The assessment scheme for the M.Sc. has three elements: the core, the options, and the project. From a written examination perspective there are four compulsory core modules and two optional modules (chosen from a list of seven options).

For the Main Pathway the core modules are:

• Security management
• An introduction to cryptography and security mechanisms
• Network security
• Computer security

 

For the Secure Digital Business Pathway the core modules are:

• Security management
• An introduction to cryptography and security mechanisms
• Security technologies
• Legal and regulatory aspects

 

For the Technical AND the Secure Digital Business Pathways, students will choose to be examined in two of the following options:

• Application and Business Security Developments
• Standards and evaluation criteria
• Advanced cryptography
• Computer crime
• Database security
• Smart cards/tokens security and applications
• Software security

This means that the taught part of the degree (core and options), is assessed by a total of 6 two-hour examination papers. The four core exam marks contribute 50% of the overall mark. The two options exam marks contribute 25% of the overall mark. Students also have to produce a project dissertation. The project mark contributes 25% of the overall mark.

Part-time students take their examinations over two years. By default, all first year part-time students attending modules delivered by weekly lectures are registered for two exams, namely:

• Security management, and
• An introduction to cryptography and security mechanisms.

In their second year, part-time students will sit the two remaining core exams that are specific to their chosen pathway:
 

Part-time students attending modules delivered by Block Mode will take the two core modules available in that year and may choose options from those available in either their first or second year.

Part-time students can choose to sit their two options exams either in their first year or their second year. First year part-time students that decide to sit their options exams in their first year will have to inform the Examinations Office of their intention by the beginning of February.

The project will be examined by requiring each student to submit a written project dissertation at the end of the course in September (week 50 of the academic year). An oral examination may take place at the discretion of the examiners. Part-time students will normally hand in their project at the end of their second year, although the end of the first year is also permissible.

Degree classification scheme

To decide whether or not a student will be awarded the MSc degree, and also to decide whether or not a distinction/merit will be awarded, the assessment results from each of the three programme elements (the core, options, and project elements) will be used.

To pass the MSc programme the student will normally need to achieve each of the following:

• an average of at least 50%, where the average is computed over the three elements, and where the core is given weight twice that given to the other two elements (i.e. so that the core element contributes 50% of the overall mark, and the other two elements 25% each);
• a minimum of 50% for the core element;
• minimum of 40% for the options and project elements, and a minimum of 50% for at least one of these two elements.

To be awarded a distinction in the MSc programme the student will normally need to achieve each of the following:

• an average of at least 70%, where the average is computed over the three elements, and where the core is given weight twice that given to the other two elements (i.e. so that the core element contributes 50% of the overall mark, and the other two elements 25% each);
• a minimum of 60% in each of the three elements (i.e.in the core, options, and project elements).

To be awarded a merit in the MSc programme the student will normally need to achieve each of the following:

• an average of at least 65%, where the average is computed over the three elements, and where the core is given weight twice that given to the other two elements (i.e. so that the core element contributes 50% of the overall mark, and the other two elements 25% each);
• a minimum of 50% in each of the three elements (i.e.in the core, options, and project elements).

A student who fails the degree may, in the following year, re-take any element for which an element mark of less than 50% was obtained.

Curriculum development

The basic structure of the MSc was widely discussed with more than thirty institutions; these included Government Departments, large IT companies, and many financial organisations. This exercise has ensured that the overall structure of the MSc remains stable.

To ensure that the course is completely up to date, most of the modules involve significant input from recognised security experts from industry. Furthermore, all of the academic staff have links with external organisations that are involved with information security and secure electronic commerce, including many of the largest such organisations in the country.

The main Steering Committee for this course consists of all the members of the Information Security Group at Royal Holloway. Curriculum development is further enhanced by input from Henry Beker (Visiting Professor at Royal Holloway), Dieter Gollmann (Technical University of Hamburg) and Visiting Professor at Royal Holloway) and Michael Walker (Head of Communications Security and Advanced Development Group, Vodafone Ltd and the Vodafone Professor for Telecommunications at Royal Holloway). Although this latter group has no formal powers their opinions are highly regarded and all their suggestions are therefore taken very seriously and acted upon.

A curriculum committee meets regularly to consider input from the above areas and also from student feedback activities.

Student support

Students are encouraged to discuss any problems arising in their studies with any member of the Information Security Group. Most members of staff can be contacted in their offices during the working day, although if there are problems in contacting individuals then arrangements for meetings may also be made via email or through the ISG secretary.

During the first term, additional tutorials will be arranged to cover necessary background material, depending on the needs of the individual students. Examples of tutorials that might be arranged include a basic introduction to computer networks and operating systems, and elementary mathematics (as necessary to understand the cryptographic concepts).

Tutorials will also be arranged for each of the modules to allow all students to interact with the lecturers in small groups. Typically, each week there will be one day devoted to a particular module, and the module lecturer will conduct a series of tutorials during that day with small groups of students. If required, additional lunchtime provision will also be made for part-time students.

Most modules will include non-assessed coursework, which students are encouraged to complete and submit to the module lecturer for review. Feedback on coursework will be provided to students.

As further student support, many modules have dedicated web-sites where information such as book lists and teaching material is made available. Furthermore, a mailing list of all students on the course can be used for further interaction and information exchange.

David Lindsay Prize

The British Computer Society Computer Security Specialist Group awards the David Lindsay Prize for the project report that best addresses innovative applications of Information Security. All MSc and BSc projects in the area of Information Security are eligible for the prize. The final decision is made by the British Computer Society Computer Security Specialist Group.

Student Handbook

The MSc Student Handbook is given out during the induction session at the start of the academic tem, an electronic version is available here .