Program Requirements

Effective for all students entering the program until Spring 2015

For students entering the program after Spring 2015, see Program Requirements (2015).

The successful completion of the MSSI degree requires:

  • Ten regular courses of three or more credit hours, or the equivalent:
    • Four Technology courses including at least three Core Technology courses and one Core Technology course in Cryptography.
    • Four Core Policy/Health/Management courses including at least one course from each category of Policy, Health, and Management.
    • Two additional courses from Core or Elective Technology courses; or when deemed appropriate relative to a student's background, interests, and goals AND with the prior approval by the faculty advisor, from Elective Policy/Health/Management courses or (at most one) from Foundational Technology courses.
  • A Capstone Project:
    • The students register for 650.(736/737/738) Information Security Projects in their second semester in the program for this project. The 650.(736/737/738) Information Security Projects is NOT counted toward the above Ten-course requirement.
    • In general, the project will include both technology and non-technology components, and be conducted within a team-structured environment comprised of students and faculty mentors (plus external mentors if appropriate).
    • The project topic should relate to real-world problems and exhibit both theoretical and practical significance. The project execution should follow the best practice of software engineering.
    • The project outcome must be documented by a final report and presentation, as well as other applicable deliverables including but not limited to system prototypes, utility libraries, experimental demonstrations, conference or journal submissions, and so on.
    • The project can be sponsored by government/industry partners and affiliates of the Information Security Institute, or be related to faculty research programs supported by grants and contracts.


  • All courses toward the degree requirement must be 400-level or above.
  • The overall grade point average of the courses counted towards the coursework requirements must be a 3.00 or higher.
  • At most, two independent study courses can be counted toward the course requirements.
  • No courses with grades of P may be counted with the exception of 650.736, 650.737, 650.738 and independent study courses.
  • At most two courses with grades less than B- may be counted towards the course work requirements. No courses with grades with less than C- may be counted.
  • At most two courses may be transferred from other institutions. The student's faculty advisor and the director of Information Security Institute must approve such transfer courses.
  • Courses not found on the area-specific lists can be used to meet area requirements with written approval from the student's advisor and one additional faculty member.
  • A grade of D or F results in probation. A second D or F is cause for being dropped from the program.
Last Modified: November 24 2014 12:53:51


Contact Us

JHU Information Security Institute
Malone Hall Suite 160
Baltimore, MD 21218

E-mail Us

Phone: 410-516-6282
Fax: 410-516-6134