university of tulsa - center for information security center for information security: an overview...
TRANSCRIPT
University of Tulsa - Center for Information Security
Center for Information Center for Information Security:Security:
An OverviewAn Overview
October 4th, 2002
University of Tulsa - Center for Information Security
CIS OverviewCIS Overview
• IA Mission: Education, Research and Service• CS Faculty
– Prof. Sujeet Shenoi– Prof. Mauricio Papa– Prof. John Hale
• Other faculty in multidisciplinary track (Political Science, Economics, Law, History
• Founded in 1996• NSA Center of Excellence in Information
Assurance Education (2000)• Only school in the country fully compliant
with federal INFOSEC training standards
University of Tulsa - Center for Information Security
CIS CurriculumCIS Curriculum
• Curriculum Features– IA courses integrated into the CS/IST curricula– 3 IA courses taught each semester– Federal CNSS Certifications offered at TU
• CNSS 4011 (Information System Security Professional)
• CNSS 4012 (Designated Approving Authority)• CNSS 4013 (System Administrator)• CNSS 4014 (Information System Security Officer)• CNSS 4015 (System Certifier)
– 10 CNSS 4011 Certificates awarded in 2001– 48 CNSS 4011/12/14 Certificates in May 2002
University of Tulsa - Center for Information Security
Information Assurance Information Assurance Courses (Core)Courses (Core)
CORE IA COURSES Computer Security: Introduction to security problems in computing. Encryption and decryption techniques. Secure encryption systems. Cryptographic protocols and practices. Security in networks and distributed systems. Legal and ethical issues in computer security. Secure E-Commerce: Electronic commerce technology, models and issues. Principles and case studies. Introduction to security architectures for electronic commerce including digital signatures, certificates, and public key infrastructure (PKI). Legal and national policy electronic commerce issues.
Information System Assurance: Design and analysis methods for high assurance information systems. Safety, reliability and security. Specification of mission critical system properties. Software and hardware validation, verification and certification. Enterprise Security Management: Security architecture design and implementation methodologies for enterprises. Risk management, policy development, and system integration. Public Key Infrastructures. Security management, preparedness and incident response processes and techniques. Procurement, accreditation, installation and validation of secure enterprise information systems.
Secure System Administration and Certification: Provisioning, procurement and installation of network, hardware and software systems for mission critical enterprises. System configuration, integration and maintenance. Incident handling and response. Methodologies and standards for system testing, verification and certification.
University of Tulsa - Center for Information Security
Information Assurance Information Assurance Courses (Electives)Courses (Electives)
SYSTEMS COURSES (CS) Operating Systems Database Systems Computer Networks Distributed Computing Operating Systems Theory
Advanced Database Systems
Advanced Computer Networks
ELECTIVE IA COURSES (CS) Network Security Computer & Network Forensics Telecommunications Security Risk Management Security Engineering Critical Infrastructure Protection Topics in Information Assurance
ELECTIVE IA COURSES (LAW) National Security Law Cyber Law and Policy Constitutional Law Constitutional Law II Administrative Law International Law ELECTIVE IA COURSES (POLSCI/HIST/ECON) U.S. National Security Policy Global Threats to American Security Ethnic Conflict and Civil War Intelligence & U.S. National Security Policy Politics of Cyber Terrorism
History of 20th Century American Foreign Policy
Opponents of the American Empire
Domestic Economic Policy & Homeland Security
University of Tulsa - Center for Information Security
CNSS Course MappingsCNSS Course Mappings
CNSS 4011: INFOSEC CNSS 4012: DAA CNSS 4013: SA Comp Security Secure E-Commerce Info Sys Assur
Comp Security Secure E-Commerce Info Sys Assur Ent Sec Mgmt
Comp Security Secure E-Commerce Info Sys Assur Sec Sys Admin & Cert
IA Elective IA Elective IA Elective 2 of 3 Systems Courses Op Systems Databases Comp Networks
2 of 3 Systems Courses Op Systems Databases Comp Networks
3 of 3 Systems Courses Op Systems Databases Comp Networks
CNSS 4014: ISSO CNSS 4015: SC Comp Security Secure E-Commerce Info Sys Assur Ent Sec Mgmt
Comp Security Secure E-Commerce Info Sys Assur Ent Sec Mgmt Sec Sys Admin & Cert
IA Elective IA Elective 3 of 3 Systems Courses Op Systems Databases Comp Networks
3 of 3 Systems Courses Op Systems Databases Comp Networks
University of Tulsa - Center for Information Security
CyberCorpsCyberCorps
• Scholarship for Service– Part of the Cyber Service initiative
• Announced in May 2002
– NSF Grant to five Universities• University of Tulsa, Naval Postgraduate School, Iowa State
University, Purdue University, University of Idaho and Carnegie Mellon University
• Mission– Training of elite squadrons of computer security experts– Defense against Internet hackers and terrorists
University of Tulsa - Center for Information Security
CyberCorps ProgramCyberCorps Program
• Objectives– Enroll 12 new students each year
• Open to students in their junior year or first-year graduate students (two-year program)
• Grant pays each student’s tuition for two years, room and board, travel to conferences and stipend
• Obligations– Students must complete a summer internship in a
federal agency at the end of their first year– Two years of service for the Federal Government
University of Tulsa - Center for Information Security
CyberCorps ProgramCyberCorps Program
• Research– Students will conduct research in collaboration with
federal scientists toward a Senior Project or Master’s Thesis
– Teams: two undergraduates and one graduate student
• Outreach Activities– Developing Information Technology Ethics courses for
middle and high-school students– Collaborate with the National Memorial Institute for the
Prevention of Terrorism in Oklahoma City
University of Tulsa - Center for Information Security
Research ProjectsResearch Projects
• Telecommunications Security• Intrusion Detection• Attack Modeling and Visualization• Network Vulnerability Analysis• Computer and Network Forensics• Policy Mediation• Programmable Security• Cryptographic Protocol Verification
University of Tulsa - Center for Information Security
Telecommunications Telecommunications SecuritySecurity
• DoJ project developing systems for defending PTNs from cyberterrorist attacks
• Experimental PTN providing analog, digital and wireless telephony used for research
• Convergence networks• SS7, xDSL, ISDN, wireless gateways• Collaboration with NIST and Williams
University of Tulsa - Center for Information Security
Intrusion DetectionIntrusion Detection
• DoJ project developing robust intrusion detection systems
• Specialized software agents monitor network resources, report anomalies and intrusions
• Initiate countermeasures• Collaboration with the ISTS/Dartmouth
Consortium
University of Tulsa - Center for Information Security
Attack Attack Modeling/VisualizationModeling/Visualization
• DoJ project developing coherent schemes for monitoring and visualizing Internet attacks in real-time
• Java prototype under development• Distributed agents synthesize feedback
from IDS into a special language• Subsequently transformed into an
integrated graphical representation by centralized monitor
University of Tulsa - Center for Information Security
Network Vulnerability Network Vulnerability AnalysisAnalysis
• DoJ project developing tools for mapping IP networks and analyzing vulnerabilities
• In the process of including convergence technologies
• Information includes operating system profiles and data, IP service fingerprints
• SS7 network and wireless gateways• Integrated with an attack model database
to support vulnerability analysis
University of Tulsa - Center for Information Security
Computer and Network Computer and Network ForensicsForensics
• Currently supported by Williams Energy Services
• Developing state-of-the-art forensic capabilities
• Network scanners, IP profilers, chat room monitors, evidence preservation
• Tools for recovering and analyzing evidence• Tulsa Police Department’s Cyber Crime
Division
University of Tulsa - Center for Information Security
Policy MediationPolicy Mediation
• NSF project using primitive logic and mediator technology
• Implement access control and metapolicies
• Negotiate authorization policies in federated DB environments
• Prototype in Java using JDBC and CORBA• NIST scientists have developed universal
policy machines
University of Tulsa - Center for Information Security
Programmable SecurityProgrammable Security
• NSA and NSF supported project developing programming languages with constructs for programmable security
• Primitive ticket-based model used to implement a variety of access control models (DAC, MAC, RBAC and TBAC)
• Security checking at compile and runtime
University of Tulsa - Center for Information Security
Cryptographic Protocol Cryptographic Protocol VerificationVerification
• Developed a formalism that integrates logic and process calculus components
• Support for formal proofs about the protocol, knowledge and behavior of principals
• Comprehensive modeling of encrypted and unencrypted messages
• Expressive message passing semantics• Constructs for modeling agents• Modeling/Verifying security properties of
distributed systems