university of tulsa - center for information security center for information security: an overview...

University of Tulsa - Center for Information Security

Center for Information Center for Information Security:Security:

An OverviewAn Overview

October 4th, 2002


CIS OverviewCIS Overview

• IA Mission: Education, Research and Service• CS Faculty

– Prof. Sujeet Shenoi– Prof. Mauricio Papa– Prof. John Hale

• Other faculty in multidisciplinary track (Political Science, Economics, Law, History

• Founded in 1996• NSA Center of Excellence in Information

Assurance Education (2000)• Only school in the country fully compliant

with federal INFOSEC training standards


CIS CurriculumCIS Curriculum

• Curriculum Features– IA courses integrated into the CS/IST curricula– 3 IA courses taught each semester– Federal CNSS Certifications offered at TU

• CNSS 4011 (Information System Security Professional)

• CNSS 4012 (Designated Approving Authority)• CNSS 4013 (System Administrator)• CNSS 4014 (Information System Security Officer)• CNSS 4015 (System Certifier)

– 10 CNSS 4011 Certificates awarded in 2001– 48 CNSS 4011/12/14 Certificates in May 2002


Information Assurance Information Assurance Courses (Core)Courses (Core)

CORE IA COURSES Computer Security: Introduction to security problems in computing. Encryption and decryption techniques. Secure encryption systems. Cryptographic protocols and practices. Security in networks and distributed systems. Legal and ethical issues in computer security. Secure E-Commerce: Electronic commerce technology, models and issues. Principles and case studies. Introduction to security architectures for electronic commerce including digital signatures, certificates, and public key infrastructure (PKI). Legal and national policy electronic commerce issues.

Information System Assurance: Design and analysis methods for high assurance information systems. Safety, reliability and security. Specification of mission critical system properties. Software and hardware validation, verification and certification. Enterprise Security Management: Security architecture design and implementation methodologies for enterprises. Risk management, policy development, and system integration. Public Key Infrastructures. Security management, preparedness and incident response processes and techniques. Procurement, accreditation, installation and validation of secure enterprise information systems.

Secure System Administration and Certification: Provisioning, procurement and installation of network, hardware and software systems for mission critical enterprises. System configuration, integration and maintenance. Incident handling and response. Methodologies and standards for system testing, verification and certification.


Information Assurance Information Assurance Courses (Electives)Courses (Electives)

SYSTEMS COURSES (CS) Operating Systems Database Systems Computer Networks Distributed Computing Operating Systems Theory

Advanced Database Systems

Advanced Computer Networks

ELECTIVE IA COURSES (CS) Network Security Computer & Network Forensics Telecommunications Security Risk Management Security Engineering Critical Infrastructure Protection Topics in Information Assurance

ELECTIVE IA COURSES (LAW) National Security Law Cyber Law and Policy Constitutional Law Constitutional Law II Administrative Law International Law ELECTIVE IA COURSES (POLSCI/HIST/ECON) U.S. National Security Policy Global Threats to American Security Ethnic Conflict and Civil War Intelligence & U.S. National Security Policy Politics of Cyber Terrorism

History of 20th Century American Foreign Policy

Opponents of the American Empire

Domestic Economic Policy & Homeland Security


CNSS Course MappingsCNSS Course Mappings

CNSS 4011: INFOSEC CNSS 4012: DAA CNSS 4013: SA Comp Security Secure E-Commerce Info Sys Assur

Comp Security Secure E-Commerce Info Sys Assur Ent Sec Mgmt

Comp Security Secure E-Commerce Info Sys Assur Sec Sys Admin & Cert

IA Elective IA Elective IA Elective 2 of 3 Systems Courses Op Systems Databases Comp Networks

2 of 3 Systems Courses Op Systems Databases Comp Networks


CNSS 4014: ISSO CNSS 4015: SC Comp Security Secure E-Commerce Info Sys Assur Ent Sec Mgmt

Comp Security Secure E-Commerce Info Sys Assur Ent Sec Mgmt Sec Sys Admin & Cert

IA Elective IA Elective 3 of 3 Systems Courses Op Systems Databases Comp Networks



CyberCorpsCyberCorps

• Scholarship for Service– Part of the Cyber Service initiative

• Announced in May 2002

– NSF Grant to five Universities• University of Tulsa, Naval Postgraduate School, Iowa State

University, Purdue University, University of Idaho and Carnegie Mellon University

• Mission– Training of elite squadrons of computer security experts– Defense against Internet hackers and terrorists


CyberCorps ProgramCyberCorps Program

• Objectives– Enroll 12 new students each year

• Open to students in their junior year or first-year graduate students (two-year program)

• Grant pays each student’s tuition for two years, room and board, travel to conferences and stipend

• Obligations– Students must complete a summer internship in a

federal agency at the end of their first year– Two years of service for the Federal Government


CyberCorps ProgramCyberCorps Program

• Research– Students will conduct research in collaboration with

federal scientists toward a Senior Project or Master’s Thesis

– Teams: two undergraduates and one graduate student

• Outreach Activities– Developing Information Technology Ethics courses for

middle and high-school students– Collaborate with the National Memorial Institute for the

Prevention of Terrorism in Oklahoma City


Research ProjectsResearch Projects

• Telecommunications Security• Intrusion Detection• Attack Modeling and Visualization• Network Vulnerability Analysis• Computer and Network Forensics• Policy Mediation• Programmable Security• Cryptographic Protocol Verification


Telecommunications Telecommunications SecuritySecurity

• DoJ project developing systems for defending PTNs from cyberterrorist attacks

• Experimental PTN providing analog, digital and wireless telephony used for research

• Convergence networks• SS7, xDSL, ISDN, wireless gateways• Collaboration with NIST and Williams


Intrusion DetectionIntrusion Detection

• DoJ project developing robust intrusion detection systems

• Specialized software agents monitor network resources, report anomalies and intrusions

• Initiate countermeasures• Collaboration with the ISTS/Dartmouth

Consortium


Attack Attack Modeling/VisualizationModeling/Visualization

• DoJ project developing coherent schemes for monitoring and visualizing Internet attacks in real-time

• Java prototype under development• Distributed agents synthesize feedback

from IDS into a special language• Subsequently transformed into an

integrated graphical representation by centralized monitor


Network Vulnerability Network Vulnerability AnalysisAnalysis

• DoJ project developing tools for mapping IP networks and analyzing vulnerabilities

• In the process of including convergence technologies

• Information includes operating system profiles and data, IP service fingerprints

• SS7 network and wireless gateways• Integrated with an attack model database

to support vulnerability analysis


Computer and Network Computer and Network ForensicsForensics

• Currently supported by Williams Energy Services

• Developing state-of-the-art forensic capabilities

• Network scanners, IP profilers, chat room monitors, evidence preservation

• Tools for recovering and analyzing evidence• Tulsa Police Department’s Cyber Crime

Division


Policy MediationPolicy Mediation

• NSF project using primitive logic and mediator technology

• Implement access control and metapolicies

• Negotiate authorization policies in federated DB environments

• Prototype in Java using JDBC and CORBA• NIST scientists have developed universal

policy machines


Programmable SecurityProgrammable Security

• NSA and NSF supported project developing programming languages with constructs for programmable security

• Primitive ticket-based model used to implement a variety of access control models (DAC, MAC, RBAC and TBAC)

• Security checking at compile and runtime


Cryptographic Protocol Cryptographic Protocol VerificationVerification

• Developed a formalism that integrates logic and process calculus components

• Support for formal proofs about the protocol, knowledge and behavior of principals

• Comprehensive modeling of encrypted and unencrypted messages

• Expressive message passing semantics• Constructs for modeling agents• Modeling/Verifying security properties of

distributed systems

university of tulsa - center for information security center for information security: an overview...

Documents