Simulation Approaches in Information Security Education

Author:
John H. Saunders
File Size:
276.10 kB
Date:
01 June 2002
Downloads:
1600 x

This paper and presentation provides a look at instructional methods for information assurance (IA) using simulation. The simulation methods of 1) Packet Wars, 2) Sniffers + Network Design Tools, 3) Canned Attack/Defend Scenarios, 4) Management Flight Simulators, and 5) Role-playing are presented. These techniques are presented as options for educating a variety of IA constituency including network administrators, functional managers, security managers, and naïve users. Each method is demonstrated and its value supported by providing examples and by drawing upon conclusions from the author’s experiences using them in a classroom environment. The session looks at simulation as a foundation for providing benefits in understanding computer security by providing a long term view of security, demonstrating a balancing act of data, program, and network access versus restriction, presenting a competition for limited defensive resources, involving cooperation from a variety of players, and staging an analysis of risk tradeoffs.

Simulation Approaches in Information Security Education