Article

Planning, building and operating the information security and assurance laboratory

Authors:

Herbert J. Mattord,

Michael E. WhitmanAuthors Info & Claims

InfoSecCD '04: Proceedings of the 1st annual conference on Information security curriculum development

Pages 8 - 14

https://doi.org/10.1145/1059524.1059527

Published: 08 October 2004 Publication History

Get Access

Abstract

With increasing interest by students and faculty in Information Security (InfoSec) Curriculum, and increasing demand for information security professionals from industry, many institutions are beginning the task of creating an information security program. Within these programs of study, it is important that the faculty and administrators planning the facilities and curriculum for InfoSec labs understand the unique demands of this endeavor. This paper provides an overview of some current practices.

References

[1]

Frank, C., Mason, S., Montante, R., Micco, M. and H. Rossman, "Panel Discussion: Laboratories for A Computer Security Course," <pub> (2002)

Google Scholar

[2]

Hill, J., Carver, C., Humphries, J. and Pooch, U., "Using an Isolated Network Laboratory to Teach Advanced Newtworks and Security", <pub> (2001)

Google Scholar

[3]

Huss, J., "Laboratory Projects for Promoting Hands-On Learning in a Computer Security Course," ACM SIGCSE Bulletin, (27) (June 1995) pp 2--6

Digital Library

Google Scholar

[4]

Tikekar, R. and Bacon, T. "The Challenges of Designing Lab Exercises for A Curriculum in Computer Security," <pub> (2003)

Google Scholar

[5]

Wagner, P. and Wudi, J., "Designing and Implementing a Cyberwar Laboratory Exercise for a Computer Security Course," Proceedings of the 35th SIGCSE technical symposium on Computer Science education, (2004) pp. 402--406

Digital Library

Google Scholar

[6]

National Information Assurance Training and Education Center Curriculum Page, Retrieved July 5, 2004 from http://niatec.info/curriculum.htm

Google Scholar

[7]

NSA Centers of Academic Excellence in Information Assurance Education, Retrieved July 5, 2004 from http://www.nsa.gov/ia/academia/caemap.cfm?MenuID=10.1.1.2

Google Scholar

Cited By

View all

Iqbal SThapa DAwad APäivärinta T(2015)Conceptual Model of Online Pedagogical Information Security LaboratoryProceedings of the 2015 48th Hawaii International Conference on System Sciences10.1109/HICSS.2015.16(43-52)Online publication date: 5-Jan-2015
https://dl.acm.org/doi/10.1109/HICSS.2015.16
Burd SLuo XSeazzu A(2013)Cloud-Based Virtual Computing LaboratoriesProceedings of the 2013 46th Hawaii International Conference on System Sciences10.1109/HICSS.2013.131(5079-5088)Online publication date: 7-Jan-2013
https://dl.acm.org/doi/10.1109/HICSS.2013.131
Haag JHorsmann TKarsch SVranken H(2011)A distributed virtual computer security lab with central authorityComputer Science Education Research Conference10.5555/2043594.2043602(89-95)Online publication date: 7-Apr-2011
https://dl.acm.org/doi/10.5555/2043594.2043602
Show More Cited By

Index Terms

Planning, building and operating the information security and assurance laboratory

Recommendations

Designing and teaching information security curriculum
InfoSecCD '04: Proceedings of the 1st annual conference on Information security curriculum development

With increasing interest by students and faculty in Information Security Curriculum, and increasing demand for information security professionals from industry, many institutions are beginning the task of creating a meaningful information security ...
Developing the BS-ISA: lessons learned and future directions - sponsored by NSF grant # DUE-0516192
InfoSecCD '06: Proceedings of the 3rd annual conference on Information security curriculum development

In April 2004, Kennesaw State University was designated as a National Center of Academic Excellence in Information Assurance Education by the DHS and the NSA. As a benefit of the program CAE institutions are eligible for a special NSF Grant program: the ...
The effect of a university information security survey on instruction methods in information security
InfoSecCD '05: Proceedings of the 2nd annual conference on Information security curriculum development

This paper reports on the need for Information Security Awareness educational programs to supplement teaching in Information Security. The need for such a program is demonstrated by findings resulting from a survey of university faculty and staff at ...

Reviews

Reviewer: Andre C. M. Marien

Information security (InfoSec) educational programs are created at many institutions. They often incorporate laboratory experience. Such a lab differs from other lab environments, in that it requires multiple operating systems (OSs), and must be isolated from other networks. This paper discusses solutions that are affordable, yet provide the learning experience for which the lab is intended. It discusses hardware, network issues, and software. The authors also discuss dedicated approaches to using such a lab, for example, presentations, tutorials, small exercises, demonstration, simulation, webinars, films, and videos. Lab management is the last topic covered. For each topic, a best practice recommendation is offered. The paper is short and to the point, and the advice is sound. The authors remark on the popularity of hacking labs. Not everyone in InfoSec is happy with such courses, but, as the authors remark, it may be the only option for students to learn about hacking safely. Online Computing Reviews Service

Access critical reviews of Computing literature here

Become a reviewer for Computing Reviews.

Comments

Information & Contributors

Information

Published In

InfoSecCD '04: Proceedings of the 1st annual conference on Information security curriculum development

October 2004

147 pages

ISBN:1595930485

DOI:10.1145/1059524

Conference Chair:
Michael E. Whitman
CISSP
,
Program Chair:
Amy Woszczynski
Kennesaw State University

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 October 2004

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

InfoSecCD04

Sponsor:

InfoSecCD04: First Annual Information Security Curriculum Development Conference

October 8, 2004

Georgia, Kennesaw

Acceptance Rates

Overall Acceptance Rate 18 of 23 submissions, 78%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

14
Total Citations
View Citations
940
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Iqbal SThapa DAwad APäivärinta T(2015)Conceptual Model of Online Pedagogical Information Security LaboratoryProceedings of the 2015 48th Hawaii International Conference on System Sciences10.1109/HICSS.2015.16(43-52)Online publication date: 5-Jan-2015
https://dl.acm.org/doi/10.1109/HICSS.2015.16
Burd SLuo XSeazzu A(2013)Cloud-Based Virtual Computing LaboratoriesProceedings of the 2013 46th Hawaii International Conference on System Sciences10.1109/HICSS.2013.131(5079-5088)Online publication date: 7-Jan-2013
https://dl.acm.org/doi/10.1109/HICSS.2013.131
Haag JHorsmann TKarsch SVranken H(2011)A distributed virtual computer security lab with central authorityComputer Science Education Research Conference10.5555/2043594.2043602(89-95)Online publication date: 7-Apr-2011
https://dl.acm.org/doi/10.5555/2043594.2043602
Burd SGaillard GRooney ESeazzu A(2011)Virtual Computing Laboratories Using VMware Lab ManagerProceedings of the 2011 44th Hawaii International Conference on System Sciences10.1109/HICSS.2011.482(1-9)Online publication date: 4-Jan-2011
https://dl.acm.org/doi/10.1109/HICSS.2011.482
Schweitzer DBoleng J(2009)Designing web labs for teaching security conceptsJournal of Computing Sciences in Colleges10.5555/1629036.162904225:2(39-45)Online publication date: 1-Dec-2009
https://dl.acm.org/doi/10.5555/1629036.1629042
Schweitzer DBrown W(2009)Using visualization to teach securityJournal of Computing Sciences in Colleges10.5555/1516595.151662624:5(143-150)Online publication date: 1-May-2009
https://dl.acm.org/doi/10.5555/1516595.1516626
Gleeson MMarkey DMtenzi F(2009)Investigation and development of a security and forensic analysis teaching environment2009 First International Conference on Networked Digital Technologies10.1109/NDT.2009.5272139(373-378)Online publication date: Jul-2009
https://doi.org/10.1109/NDT.2009.5272139
Khambari MFairuz Iskandar Othman MRadzi Motsidi MFaizal Abdollah M(2009)A novel approach on teaching network security for ICT courses2009 International Conference on Engineering Education (ICEED)10.1109/ICEED.2009.5490612(66-71)Online publication date: Dec-2009
https://doi.org/10.1109/ICEED.2009.5490612
Li JZhao YShi L(2009)Interactive Teaching Methods in Information Security CourseProceedings of the 2009 International Conference on Scalable Computing and Communications; Eighth International Conference on Embedded Computing10.1109/EmbeddedCom-ScalCom.2009.94(489-493)Online publication date: 25-Sep-2009
https://dl.acm.org/doi/10.1109/EmbeddedCom-ScalCom.2009.94
Schweitzer DHumphries JBaird L(2006)Meeting the criteria for a Center of Academic Excellence (CAE) in information assurance educationJournal of Computing Sciences in Colleges10.5555/1181811.118183322:1(151-160)Online publication date: 1-Oct-2006
https://dl.acm.org/doi/10.5555/1181811.1181833
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Designing and teaching information security curriculum

Developing the BS-ISA: lessons learned and future directions - sponsored by NSF grant # DUE-0516192

The effect of a university information security survey on instruction methods in information security

Reviews

Access critical reviews of Computing literature here