Virtual Laboratories for Learning Real World Security. The 12 th Colloquium for Information Systems Security Education University of Texas, Dallas June 2-4, 2008. Presented by: Tanya Zlateva Leo Burstein Andy MacNeil. Agenda. Introductions, Institutional Context Motivation - PowerPoint PPT Presentation
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Motivation To succeed in complex modern workplace, students
need solid academic knowledge and practical skills combined with key enterprise competencies
Reinforcement effect: studies show that students learn better when they understand practical applications of theoretical concepts
Properly designed Labs help students to develop important career-building skills (teamwork, passion to innovate, managing change, working in a global environment, building toolkits, etc.)
Virtual Laboratories for Learning Real World Security 04/21/23
Choosing Topics, Scope and Technology Putting Cryptography in Context
Crypto algorithms draw on the most abstract branches of mathematics while their correct (or incorrect) application decides vital problems ranging from security of nation’s critical infrastructure to privacy of personal information.
Choosing the ScopeModeling complex end-to-end integrated practical scenario (vs. isolated concept-specific exercises) helps to “see the whole picture”, learn real-life scenarios, and emphasize human factors (process vs. technology).
Virtualization as an Enabling Technology Minimize setup times and hardware requirements, promote role playing and team collaboration, implementation flexibility esp. simulating distributed environments, support for larger classes.
Virtual Laboratories for Learning Real World Security 04/21/23
Practice: Exploring Vulnerabilities of Typical Infrastructures
•Web server security-related configurations•Common Internet protocols•Network traffic analyzers (not just a hacking tool)•Common vulnerabilities and countermeasures
Virtual Laboratories for Learning Real World Security 04/21/23
Step 4 – Trusts, Signatures, Revocations – and Management
Virtual Laboratories for Learning Real World Security 04/21/23
10
Discuss: technology vs. processes; collaboration – all levels; security vs. business objectives; risk management; controls; central/ mandate vs. distributed/grassroots
“Tools” + “Rules” < 100%• awareness• clearly seeing “the whole picture” knowing what we don’t know
Useful tools and skills to jump-start my career Working with others and having fun! Learning through writing a manual to teach others … and getting respect for security processes for
the rest of my life
Virtual Laboratories for Learning Real World Security