Information Security and Computer Systems: An Integrated Approach Mark A. Holliday and Bill Kreahling, Dept of Mathematics and Computer Science Western.


1 Information Security and Computer Systems: An Integrated Approach
Mark A. Holliday and Bill Kreahling, Dept of Mathematics and Computer Science, Western Carolina University
InfoSecCD 2006, Kennesaw, GA
23 September 2006

2 Acknowledgements
Thank you for financial support from
• Software Producibility, Office of Naval Research, Award #N000140510817, 2005-2006.

3 Overview
• Motivations for Change
• Guidelines: ACM, IEEE-CS, ABET-CAC
• New Curriculum Framework
• Initial Information Security Option
• Final Information Security Option
• InfoSec I and Internet Protocols
• InfoSec II and Operating Systems
• Conclusions

4 Motivations for Change
• Issue: How to create a prominent role for Information Security in
  – a B.S. in Computer Science curriculum
  – consistent with ACM/IEEE-CS/ABET-CAC guidelines
  – a small computer science program
  – a way that shows the close connection to computer systems
• Result: One Design and Rationale

5 Motivations for Change
Why?
• Information security is of increasing importance
• Want to reinforce the computer systems courses and the information security courses by showing their interconnections
  – Goal is technical insight, not technical skill per se
• Want to provide the students more choices
  – in a way that organizes those choices into coherent themes

6 Motivations for Change
• Additional constraints
  – Must be consistent with curriculum guidelines for a B.S. in Computer Science degree
  – Must be feasible for a small computer science program (70 majors; 10-15 graduates per year)
• We present one design and its rationale that meets these constraints

7 Guidelines: ACM, IEEE-CS, ABET-CAC
• 2001 ACM/IEEE Computer Society Curriculum Guidelines for Computer Science
  – Encourages a small core combined with options
  – Body of Knowledge (BoK)
  – Subset of BoK that should be in any computer science curriculum

8 Guidelines: ACM, IEEE-CS, ABET-CAC
• ABET-CAC (Computing Accreditation Commission) Accreditation Criteria
  – “IV-6. The core materials must provide basic coverage of algorithms, data structures, software design, concepts of programming languages, and computer organization and architecture.”

9 [Slide without transcribed text]

10 New Curriculum Framework: The Options
• How many courses and how many prerequisites?
• Ideal
  – Many courses in an option to cover the area well
  – Student must have completed all of the courses in the core (with at least a grade of C)

11 New Curriculum Framework: The Options
• Reality
  – Degree needs to be 120 credit hours
  – 54 credit hours of Liberal Studies and General Electives
  – Student must be able to graduate in four years (assuming satisfactory progress)
  – 2+2: Transfer students with an A.S. degree should be able to graduate in two years

12 New Curriculum Framework: The Options
• Compromise
  – Major has 40 hours of CS courses and 31 hours of Mathematics and Sciences
  – CS Core is 25 hours
  – Options are 15 hours (5 courses of 3 credit hours)
  – Option courses have as prerequisites
    • second programming course (our CS2, locally CS151)
    • our intro to computer systems course (for most option courses)

13 New Curriculum Framework: The Options
• Three Options:
  – Computer Systems
  – Information Security
  – Custom
• All options allow at least one free choice
  – Recall goal of more student choices => at most four required courses in an option

14 Initial Information Security Option
• Two key computer systems courses
  – Operating Systems and Internet Protocols
• Pair each with an information security course that covers the corresponding security issues
  – Operating Systems => Computer Security
  – Internet Protocols => Internet Security
• The two pairs are independent

15 [Slide without transcribed text]

16 Final Information Security Option
• Independence does not work because so many topics build on cryptography and its security uses
• Solution:
  – Order them with new names Information Security I and II
• Internet Protocols co-req first
  – Since cryptographic applications are more naturally developed for internet security

17 [Slide without transcribed text]

18 InfoSec I and Internet Protocols Example Cross-Connections
• InfoSec I: authentication and example attacks
• Internet Protocols: TCP connection establishment handshake
  – 3-way, random start sequence numbers, including random start sequence number for the other side

19 InfoSec I and Internet Protocols Example Cross-Connections
• InfoSec I: message integrity and non-repudiation => Digital signatures and message digests => Hash functions
• Internet Protocols: hash functions for error detection
  – Checksums in UDP, TCP, and IP
  – Cyclic Redundancy Check in Ethernet
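The cross-connection on slide 19, worked through as an added example (not part of the original presentation): the RFC 1071 Internet checksum, CRC-32 and SHA-256 are run over the same constructed message to show which kinds of change each one notices. The message, the helper names and the choice of SHA-256 as the message digest are assumptions made for illustration.

```python
import hashlib
import struct
import zlib

def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by IP, UDP and TCP (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                           # pad odd-length input
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)  # end-around carry
    return ~total & 0xFFFF

def swap_words(data: bytes, i: int, j: int) -> bytes:
    """Exchange two 16-bit words; the one's-complement sum cannot see this."""
    words = [data[k:k + 2] for k in range(0, len(data), 2)]
    words[i], words[j] = words[j], words[i]
    return b"".join(words)

def detects(original: bytes, modified: bytes) -> dict:
    """For each function, report whether its value changed with the message."""
    return {
        "internet_checksum": internet_checksum(original) != internet_checksum(modified),
        "crc32": zlib.crc32(original) != zlib.crc32(modified),
        "sha256": hashlib.sha256(original).digest() != hashlib.sha256(modified).digest(),
    }

def crc32_is_affine(a: bytes, b: bytes) -> bool:
    """CRC(a xor b) is computable from CRC(a) and CRC(b) alone (equal lengths),
    so a CRC catches transmission noise but not a deliberate, recomputed edit."""
    zeros = bytes(len(a))
    xored = bytes(x ^ y for x, y in zip(a, b))
    return zlib.crc32(xored) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(zeros)

# Constructed sample message, not taken from the presentation.
ORIGINAL = b"PAY BOB 0100 USD"
TAMPERED = swap_words(ORIGINAL, 4, 5)   # b"PAY BOB 0001 USD"

if __name__ == "__main__":
    print(TAMPERED)
    print(detects(ORIGINAL, TAMPERED))
    print("CRC-32 affine over XOR:", crc32_is_affine(ORIGINAL, TAMPERED))
```

An unkeyed digest such as SHA-256 can still be recomputed by whoever alters the message, which is why the slide's chain runs from message integrity through digital signatures before it reaches hash functions.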

20 InfoSec I and Internet Protocols Example Cross-Connections
• InfoSec I: trusted intermediaries, key distribution, and certification
• Internet Protocols: development of IPC (Inter-Process Communication)
  – Sockets
  – Remote Procedure Call/Remote Method Invoc.
  – Web services
  – Grid computing (Globus, SimpleCA certificate authority)

21 InfoSec I and Internet Protocols Example Cross-Connections
• InfoSec I: firewalls and packet filtering rules
• Internet Protocols: IP routing tables and key packet header fields
  – IP addresses
  – UDP/TCP source and destination ports
  – ICMP message type
  – Other TCP header bits: SYN and ACK

22 InfoSec II and Operating Systems Example Cross-Connections
• InfoSec II: process address space vulnerabilities
• Operating Systems: segment protection (read-only versus read-write), stack overflow, memory management protection features (segmentation faults during address translation)

23 InfoSec II and Operating Systems Example Cross-Connections
• InfoSec II: program vulnerabilities, buffer overflows and software reverse engineering
• Operating Systems: assembly language, code analysis, automatic bounds checking

24 InfoSec II and Operating Systems Example Cross-Connections
• InfoSec II: system vulnerabilities
• Operating Systems:
  – trapping to the kernel (PSW and Interrupt Vector Table) and changing from user mode to kernel mode (not allowed machine instructions)
  – access control, file permission modes, setuid bit

25 Conclusions
• Issue: How to create a prominent role for Information Security in
  – a B.S. in Computer Science curriculum
  – consistent with ACM/IEEE-CS/ABET-CAC guidelines
  – a small computer science program
  – in a way that shows the close connection to computer systems
• Result: One Design and Rationale

