Archives

In this paper, the Information Assurance Exercise that has recently been developed at Auburn University will be discussed. This educational exercise provides Auburn University with a means to foster student interest as a potential area of study in information assurance as well as Computer Science. This sort of high speed, low drag exercise is designed to be a student’s first exposure to real information assurance practices and demonstrates the stark differences between setting up a virus scanner on a home computer and the level of effort required in securing an enterprise level system. Optional courses in information assurance and computer forensics continue to grow at most universities.

Despite state-of-the-art technologies and enhanced organizational policies, the security of corporate data is not a guarantee. The possibility of the failure of security, however, is. Given the certainty of failure, it is surprising that information security curricula do not include post-incident reviews to gather the lessons learned from failure and to better prepare students to enter the workforce ready to plan for and manage security incidents.This paper proposes that undergraduate and graduate courses in information security include the topic of failure, and address the performance of a post-incident (post-mortem) review as a best practice.

This article provides an overview of an actual application for the National Center of Academic Excellence in Information Assurance Education (CAEIAE) program designation, by one university. Each institution is unique and the experiences provided here are illustrative only. The key to success is providing evidence for each major area of submission. The use of electronic resources, Uniform Resource Locators (URLs) /addresses are emphasized. Applicants can best serve their efforts by assisting NSA evaluators and reviewers with artifacts and verification. The authors have noticed at previous CISSE annual meetings this subject is not well addressed.

The University of Findlay(UF) is located in a small city in northwest Ohio, with an active business community and strong ties between the university and local business leaders. When a committee of the local chamber of commerce decided to benchmark technology use in the local business community, a partnership developed with the Center for Information Assurance Education at UF.

Information Systems Security (ISS) has become increasingly an integral part of our lives. Accordingly, there is the need of increasing awareness of this issue in the society, increasing the workforce capable of meeting the corresponding challenges, and increasing the diversity of such workforce. Academic institutions are in the forefront of this challenge and are best equipped to fulfill the aforementioned goals. Understanding this need, Polytechnic University of Puerto Rico (PUPR) has taken various steps to address this problem. In this paper, we share the advances of ISS education at PUPR and the steps taken to be recognized as a national center of Academic Excellence in Information Assurance Education (CAE/IAE).

We argue that information security can and should be covered in the majority of core computer science courses, both at the undergraduate and the graduate level. One benefit of taking this approach is to strengthen our student's understanding of the various security problems in computing, as well as eliminating many of the security-critical computing habits that are often reported to be had by many IT professionals (especially the production of vulnerable software) early by educating our computer science students, from the very beginning, on the need to keep security in mind when using, designing, developing, and maintaining computing resources.

This paper describes an undergraduate course in software engineering which introduces students to a variety of approaches to developing software. These include PSP, CMMI and agile processes, such as XP and Scrum. An important element in the course is getting students to consider how security issues arise during the software development process. Security issues are raised with respect to the software processes themselves,as well as in our discussions of professional responsibilities, ethics, work culture issues and quality assurance.

The Department of Information Networking and Telecommunications has offered a capstone class for twelve years. 2008 was the first time that students from the two-year old Information Assurance Emphasis reached the course. With guidance of faculty and support from an industry partner, a team of IA students conducted valuable research studying wireless Wi-Fi 802.11 security deployment practices. This paper examines the purpose and design of the class and the results arrived at by undergraduate students. It describes the learning of both the students and faculty. This paper provides evidence that undergraduate students can conduct quality IA research within this type of class structure.

This paper describes the author’s undergraduate Introduction to Computer Security and Ethics course. The main focus of this paper, beyond providing an overview of the course, is on how events in the news impact the course content. It also describes the author’s efforts to motivate students to pay attention to current events and to understand the importance of developments in Information Assurance for our global culture. Two specific student assignments, relating to current events, are described.

Student research can be a powerful educational tool whose benefits are touted by educators at both the graduate and undergraduate levels. Providing a meaningful research experience at the undergraduate level faces several challenges as students are less academically mature, have limited time, and do not have an extensive knowledge base to draw from. Creation of a successful research experience as part of a course project requires careful planning in terms of available topics, project structure, and faculty oversight. At the Air Force Academy, we teach a hands-on senior level security course with a final project. We have structured the final project to attempt to provide a realistic research experience for our students.