WelcometoCISandCybercorps
Download
Report
Transcript WelcometoCISandCybercorps
Center for Information Security:
An Overview
October 4th, 2002
University of Tulsa - Center for Information Security
CIS Overview
• IA Mission: Education, Research and Service
• CS Faculty
– Prof. Sujeet Shenoi
– Prof. Mauricio Papa
– Prof. John Hale
• Other faculty in multidisciplinary track (Political
Science, Economics, Law, History
• Founded in 1996
• NSA Center of Excellence in Information Assurance
Education (2000)
• Only school in the country fully compliant with federal
INFOSEC training standards
University of Tulsa - Center for Information Security
CIS Curriculum
• Curriculum Features
– IA courses integrated into the CS/IST curricula
– 3 IA courses taught each semester
– Federal CNSS Certifications offered at TU
•
•
•
•
•
CNSS 4011 (Information System Security Professional)
CNSS 4012 (Designated Approving Authority)
CNSS 4013 (System Administrator)
CNSS 4014 (Information System Security Officer)
CNSS 4015 (System Certifier)
– 10 CNSS 4011 Certificates awarded in 2001
– 48 CNSS 4011/12/14 Certificates in May 2002
University of Tulsa - Center for Information Security
Information Assurance
Courses (Core)
CORE IA COURSES
Computer Security: Introduction to security problems in computing.
Encryption and decryption
techniques. Secure encryption systems. Cryptographic protocols and practices. Security in networks and
distributed systems. Legal and ethical issues in computer security.
Secure E-Commerce: Electronic commerce technology, models and issues.
Principles and case
studies. Introduction to security architectures for electronic commerce including digital signatures,
certificates, and public key infrastructure (PKI). Legal and national policy electronic commerce issues.
Information System Assurance: Design and analysis methods for high assurance information systems.
Safety, reliability and security. Specification of mission critical system properties. Software and
hardware validation, verification and certification.
Enterprise Security Management: Security architecture design and implementation methodologies for
enterprises. Risk management, policy development, and system integration. Public Key Infrastructures.
Security management, preparedness and incident response processes and techniques. Procurement,
accreditation, installation and validation of secure enterprise information systems.
Secure System Administration and Certification: Provisioning, procurement and installation of
network, hardware and software systems for mission critical enterprises. System configuration, integration
and maintenance. Incident handling and response. Methodologies and standards for system testing,
verification and certification.
University of Tulsa - Center for Information Security
Information Assurance
Courses (Electives)
ELECTIVE IA COURSES (CS)
Network Security
Computer & Network Forensics
Telecommunications Security
Risk Management
Security Engineering
Critical Infrastructure Protection
Topics in Information Assurance
SYSTEMS COURSES (CS)
Operating Systems
Database Systems
Computer Networks
Distributed Computing
Operating Systems Theory
Advanced Database Systems
Advanced Computer Networks
ELECTIVE IA COURSES (LAW)
National Security Law
Cyber Law and Policy
Constitutional Law
Constitutional Law II
Administrative Law
International Law
ELECTIVE IA COURSES (POLSCI/HIST/ECON)
U.S. National Security Policy
Global Threats to American Security
Ethnic Conflict and Civil War
Intelligence & U.S. National Security Policy
Politics of Cyber Terrorism
History of 20th Century American Foreign Policy
Opponents of the American Empire
Domestic Economic Policy & Homeland Security
University of Tulsa - Center for Information Security
CNSS Course Mappings
CNSS 4011: INFOSEC
CNSS 4012: DAA
CNSS 4013: SA
Comp Security
Secure E-Commerce
Info Sys Assur
Comp Security
Secure E-Commerce
Info Sys Assur
Ent Sec Mgmt
Comp Security
Secure E-Commerce
Info Sys Assur
Sec Sys Admin & Cert
IA Elective
2 of 3 Systems Courses
Op Systems
Databases
Comp Networks
IA Elective
2 of 3 Systems Courses
Op Systems
Databases
Comp Networks
IA Elective
3 of 3 Systems Courses
Op Systems
Databases
Comp Networks
CNSS 4014: ISSO
CNSS 4015: SC
Comp Security
Secure E-Commerce
Info Sys Assur
Ent Sec Mgmt
Comp Security
Secure E-Commerce
Info Sys Assur
Ent Sec Mgmt
Sec Sys Admin & Cert
IA Elective
3 of 3 Systems Courses
Op Systems
Databases
Comp Networks
IA Elective
3 of 3 Systems Courses
Op Systems
Databases
Comp Networks
University of Tulsa - Center for Information Security
CyberCorps
• Scholarship for Service
– Part of the Cyber Service initiative
• Announced in May 2002
– NSF Grant to five Universities
• University of Tulsa, Naval Postgraduate School, Iowa State
University, Purdue University, University of Idaho and Carnegie
Mellon University
• Mission
– Training of elite squadrons of computer security experts
– Defense against Internet hackers and terrorists
University of Tulsa - Center for Information Security
CyberCorps Program
• Objectives
– Enroll 12 new students each year
• Open to students in their junior year or first-year graduate
students (two-year program)
• Grant pays each student’s tuition for two years, room and board,
travel to conferences and stipend
• Obligations
– Students must complete a summer internship in a federal
agency at the end of their first year
– Two years of service for the Federal Government
University of Tulsa - Center for Information Security
CyberCorps Program
• Research
– Students will conduct research in collaboration with federal
scientists toward a Senior Project or Master’s Thesis
– Teams: two undergraduates and one graduate student
• Outreach Activities
– Developing Information Technology Ethics courses for middle
and high-school students
– Collaborate with the National Memorial Institute for the
Prevention of Terrorism in Oklahoma City
University of Tulsa - Center for Information Security
Research Projects
•
•
•
•
•
•
•
•
Telecommunications Security
Intrusion Detection
Attack Modeling and Visualization
Network Vulnerability Analysis
Computer and Network Forensics
Policy Mediation
Programmable Security
Cryptographic Protocol Verification
University of Tulsa - Center for Information Security
Telecommunications Security
• DoJ project developing systems for defending
PTNs from cyberterrorist attacks
• Experimental PTN providing analog, digital
and wireless telephony used for research
• Convergence networks
• SS7, xDSL, ISDN, wireless gateways
• Collaboration with NIST and Williams
University of Tulsa - Center for Information Security
Intrusion Detection
• DoJ project developing robust intrusion
detection systems
• Specialized software agents monitor network
resources, report anomalies and intrusions
• Initiate countermeasures
• Collaboration with the ISTS/Dartmouth
Consortium
University of Tulsa - Center for Information Security
Attack Modeling/Visualization
• DoJ project developing coherent schemes for
monitoring and visualizing Internet attacks in
real-time
• Java prototype under development
• Distributed agents synthesize feedback from
IDS into a special language
• Subsequently transformed into an integrated
graphical representation by centralized
monitor
University of Tulsa - Center for Information Security
Network Vulnerability
Analysis
• DoJ project developing tools for mapping IP
networks and analyzing vulnerabilities
• In the process of including convergence
technologies
• Information includes operating system profiles
and data, IP service fingerprints
• SS7 network and wireless gateways
• Integrated with an attack model database to
support vulnerability analysis
University of Tulsa - Center for Information Security
Computer and Network
Forensics
• Currently supported by Williams Energy
Services
• Developing state-of-the-art forensic
capabilities
• Network scanners, IP profilers, chat room
monitors, evidence preservation
• Tools for recovering and analyzing evidence
• Tulsa Police Department’s Cyber Crime
Division
University of Tulsa - Center for Information Security
Policy Mediation
• NSF project using primitive logic and
mediator technology
• Implement access control and metapolicies
• Negotiate authorization policies in federated
DB environments
• Prototype in Java using JDBC and CORBA
• NIST scientists have developed universal
policy machines
University of Tulsa - Center for Information Security
Programmable Security
• NSA and NSF supported project developing
programming languages with constructs for
programmable security
• Primitive ticket-based model used to
implement a variety of access control models
(DAC, MAC, RBAC and TBAC)
• Security checking at compile and runtime
University of Tulsa - Center for Information Security
Cryptographic Protocol
Verification
• Developed a formalism that integrates logic and
process calculus components
• Support for formal proofs about the protocol,
knowledge and behavior of principals
• Comprehensive modeling of encrypted and
unencrypted messages
• Expressive message passing semantics
• Constructs for modeling agents
• Modeling/Verifying security properties of distributed
systems
University of Tulsa - Center for Information Security