teaching security via problem- based learning scenarios chris beaumont senior lecturer learning...
TRANSCRIPT
Teaching Security via Problem-based Learning Scenarios
Chris BeaumontSenior LecturerLearning Technology Research GroupLiverpool Hope University [email protected]
http://www.hope.ac.uk/
AgendaWhat is PBL?Why use PBL?How did we use it?
ExampleIssuesSuccessQuestions, comments…
insults?
http://www.hope.ac.uk/
Problem-Based Learning (PBL)
In teams,students are given a problem they don’t know how to solve.
& they devise a strategyto solve it.
In teams,students are given a problem they don’t know how to solve.
& they devise a strategyto solve it.
http://www.hope.ac.uk/
Why PBL?
Starts where they areLearning is relevant & effective
They learn what they need to solve the problem
Develop skills: problem solving, critical analysis, team
work, reasoning, reflection, manage uncertainty
Employability
Motivational
http://www.hope.ac.uk/
PBL and security
PBL works best with ill-defined (messy) real-world problems that have a number of alternative solutions and are open ended.
Security provides a rich environment for such scenarios
http://www.hope.ac.uk/
How? - Example
Systems & network Security module 15 credit final year undergraduate
module 2 hours per week PBL tutorial / Lab
session 4/5 weeks in lab Teams of 5 students Coursework + Seen exam Prior knowledge – LAN module
http://www.hope.ac.uk/
Learning OutcomesCritically and systematically analyse the
exposure to security threats of a networked computer system
Formulate a reasoned and appropriate plan to address the risks in a networked computer system
Use appropriate tools to implement aspects of security in a networked computer system
http://www.hope.ac.uk/
Key skills assessed
Problem-solvingCommunicationWorking with othersImproving own learning and
performance
http://www.hope.ac.uk/
PBL ScenarioAce Training Ltd – IT training company
with head office Liverpool, Training centre: Manchester
Small 100BaseT LAN in each office (one server) + 802.11g in Liverpool for Laptops.
Restricted Internet access (mgt only). No internal email
http://www.hope.ac.uk/
PBL Scenario
Liverpool office: Sales dept (11) use Sage Act! and MS
Office. Accounts Dept use Sage Line 50 Personnel data also stored. Marketing dept use QuarkXPress
http://www.hope.ac.uk/
PBL Scenario
The board of directors has now decided to extend the network with the following requirements: Email and internet access for all staff in
Liverpool. Host its own Web site in Liverpool (with a view
to ultimately incorporating some form of e-commerce & on-line course booking).
Enable the Training Centre manager and administrators to access various company data on the Liverpool server
http://www.hope.ac.uk/
PBL Scenario
The board are aware that they do not have the expertise to develop an ISMS and have called you in to help them. Your terms of reference are: To perform a systematic risk assessment of the
security threats to the company assets, and provide recommendations for risk treatment.
To design and present a proposal for a secure network architecture to meet the present requirements and construct a demonstration network to show proof of concept
http://www.hope.ac.uk/
Expected Clarification Issues
Eg:Company AssetsPoliciesEmail requirementsAvailability requirementsNetwork details (eg resilience features)Laptop usage
http://www.hope.ac.uk/
Expected Learning Issues
What should an ISMS consist of? Confidentiality, Availability, Integrity BS 7799
Threats and Vulnerabilities Risk Assessment & treatmentLegal Issues
http://www.hope.ac.uk/
Expected Learning Issues
IP subnetting and NATSecurity architecture/ technology
Firewalls, DMZ, IDS Encryption Authentication and Authorization Secure transmission – VPN / SSL
http://www.hope.ac.uk/
Expected Learning Issues
Configuring Software for demonstration CheckPoint Win2k Routing IIS
http://www.hope.ac.uk/
Resources
Set book Panko (2004) Corporate Computer & Network
Security
BS7799 parts 1 & 2Internet resourcesLab session on routing and CheckPoint
configurationSeminar on subnetting
http://www.hope.ac.uk/
Deliverables (assessed)
Reports Risk assessment Proposed architecture / technologies
used with justification and consideration of alternatives.
Demonstration network (5 PCs) Individual research reports
Team Presentation
http://www.hope.ac.uk/
Lab resources
Each team has 5 hard disks/ caddies + 5 PCs with several NICs in each, connected to patch panel.
Team has two switches.Hard disks pre-installed with Win2k
Server, one has CheckPoint firewall.
Internet
1 2 3 4 5 6
7 8 9101112
AB
12x
6x
8x
2x
9x
3x
10x
4x
11x
5x
7x
1x
Eth
ern
et
A
12x
6x
8x
2x
9x
3x
10x
4x
11x
5x
7x
1x
C DMZ switch
1 2 3 4 5 6
7 8 9101112
AB
12x
6x
8x
2x
9x
3x
10x
4x
11x
5x
7x
1x
Eth
ern
et
A
12x
6x
8x
2x
9x
3x
10x
4x
11x
5x
7x
1x
C LAN switch
Firewall
MAIL WWW DNS1 DNS2
10.10.1.0/8
192.168.0.0/24
10.10.1.2 10.10.1.3 10.10.1.4 10.10.1.5
10.10.1.1
192.168.0.1
PROXY192.168.0.2
Workstations
PDC BDCDNS
LAN
DMZ
194.81.128.1194.81.128.2194.81.128.3194.81.128.4194.81.128.5
Public IP addresses :
Example solution for similar scenario
- Firewall rules also provided
http://www.hope.ac.uk/
Typical team lab setup
Firewall
Router
Switch
Classroom switch
Intranet
Web server
Switch
PC workstation
Instructor PC
DMZ
http://www.hope.ac.uk/
Issues
Level of detail Can be superficial - need to question
thoroughly Lab issues – configuration problems with
routers/ CheckPoint
http://www.hope.ac.uk/
Successes
Team workMotivationResearch-based solutionsVariation in solutions
http://www.hope.ac.uk/
The Secret of success?