
12th Colloquium for Information Systems Security Education, University of Texas, Dallas, June 2 - 4, 2008
The 2008 CISSE proceedings was produced for the Colloquium for Information Systems Security Education by The Printing House, Inc. Abstracting is permitted with credit to the source. Libraries are permitted to photocopy beyond the limit of U.S. copyright law for private use of patrons those articles in this volume that carry a code at the bottom of the first page. All rights reserved. Copyright ©2008 by the Colloquium for Information Systems Security Education.
Abstract – This paper describes the results of applying formal security models to Cyber-Physical systems work in a classroom setting. The structure of the course required that each student select an infrastructure that had significant cyber and physical components. During the course, when they learned a model, they applied it to their infrastructure. Formal models included the HRU, Take-Grant, Bell-LaPadula, Biba, Non-interference, Non-inference, and Non-deducibility. The approach is described, and results of the models and student feedback are reported.
Abstract – The RAAF’s imperative is to train members of its No 462 Squadron in the appropriate disciplines required for the squadron to meet its charter. As a result, No 462 Squadron and the Queensland University of Technology, in Brisbane, Queensland, Australia, have developed a prototype training and education program designed to meet the Squadron’s charter in a cooperative effort between a defence establishment and a public academic institution. This paper discusses the experience gained in the development and delivery of a formally recognised Australian tertiary qualification in information assurance designed to meet No 462 Squadron’s Information and Communications Technology (ICT) and Information Assurance education and training requirements.
Abstract – There is a strong need for minority institutions to establish their place in the Information Assurance (IA) education arena. The Information Systems and Decisions Sciences Department at Howard University believes that we can extend our programs to incorporate the rapidly developing field of information security. Howard hosts both Bachelor in Business Administration in Computer Based Information Systems with a concentration in Information Assurance (IA), and a Master of Science with an Information Security certificate programs.
Abstract – Computer forensics is a hands-on discipline. Introductory skills, however, can be taught using simple exercises that require neither expensive laboratory facilities nor even face-to-face courses. This paper describes a simple floppy disk analysis project that allows an instructor to address issues ranging from the computer forensics process and basics of file systems to long file names, file signatures, and hashing. Projects are essential to teaching this discipline as they support active learning, constructivism, and active learning. These hands-on projects also offer an opportunity for courses to be taught online and for students to build their own toolkits using open source or commercial software.
Abstract – To bridge the gap between the instruction of security primitives and protocols, we have designed and developed a digital Lego system and supporting course materials. Our digital Lego pieces are designed to use shapes to provide a generic representation of security protocols. With the automatic Lego piece generation and fitting method, we have developed a protocol demonstration and experiment environment that allows students to practice with these abstract concepts. The developed exercises will expose the relationship among security primitives and properties, and train students’ capabilities to design secure protocols under different requirements. Our approach applies the pedagogical methods learned from toy construction sets by treating security atomics as Lego pieces and protocols as construction results.
Abstract – Walsh College included a capstone course in their Information Assurance graduate (MSIA) program. The IA capstone course is modeled after the MSBIT/MSIS capstone course developed by Dr. W. Don Gottwald. The capstone course was designed to be integrative, broadly focused, and demanding on the student. To complete the capstone course, the student needs to demonstrate their knowledge of project management techniques and a mastery of the skills taught across their program.
Abstract – Information security is one of the pervasive themes in computing curriculum. As computing security becomes more important in all sectors of society, so does the preparation of our students with knowledge and understanding of critical security concepts, methodologies, and techniques. Unfortunately, despite the deep and pervasive impact of security, undergraduate computing curricula and programs today often look much as they did several decades ago. We want to infuse information security into our computing curriculum, and we found a good model for doing that. This paper introduces the Threads model for computing curriculum originated from Georgia Tech’s College of Computing, an innovative way of restructuring computing curriculum.
Abstract – Each year the reported number of security vulnerabilities increases as does the sophistication of attacks to exploit these vulnerabilities. Most security vulnerabilities are the result of insecure coding practices. There is a critical need to increase the security education of computer science students, particularly in software security. We are designing course modules, to be used at the undergraduate or graduate level, to integrate software system security into our computer science curriculum. The course modules we have developed, and are developing, include: operating system security, software security testing, code review, risk analysis, and database security.
Abstract – The Information Assurance community has long benefitted from the development of standards as part of the CNSS process. This paper summarizes efforts conducted over the last year to start a similar standards-based methodology for Information Operations (IO) and to develop a framework for IO training and education.
Abstract – Those of us in the fields of computer engineering and computer science find ourselves in the middle of an oxymoron. We are at the intersection where enrollments in our disciplines are dropping while at the same time the need for creative minds to solve pressing security problems is on the rise. Our institution, a well-known land grant with robust programs in computer security and information assurance at the undergraduate and graduate levels, recognized the need to encourage more Millennials to study in an information technology-related area and has started a program to try to entice students to enter our chosen professions.