Arizona State University - PowerPoint PPT Presentation

1 / 19
About This Presentation
Title:

Arizona State University

Description:

Arizona State University CSE 465 Information Assurance CSE591 Information Assurance and Security Overview Professor Stephen S. Yau Fall, 2006 Information Assurance ... – PowerPoint PPT presentation

Number of Views:182
Avg rating:3.0/5.0
Slides: 20
Provided by: enpubFult
Category:

less

Transcript and Presenter's Notes

Title: Arizona State University


1
Arizona State University CSE 465 Information
Assurance CSE591 Information Assurance and
Security Overview Professor Stephen S.
Yau Fall, 2006
2
Information Assurance
  • Information Assurance (IA) encompasses the
    scientific, technical, and management disciplines
    required to ensure information security and
    quality.
  • Security techniques as well as organization,
    operation management and policy, legality, all
    play important roles.
  • Information quality also contributes to the
    overall information assurance of the information
    systems and networks.

3
National IA Program
  • The National Centers of Academic Excellence in
    Information Assurance Education (CAEIAE) Program
    is an outreach program designed and operated
    initially by the National Security Agency (NSA)
    in the spirit of Presidential Decision Directive
    63, National Policy on Critical Infrastructure
    Protection, May 1998.
  • The program is now jointly sponsored by the NSA
    and the Department of Homeland Security (DHS) in
    support of the President's National Strategy to
    Secure Cyberspace, February 2003.
  • The goal of the program is to reduce
    vulnerability in our national information
    infrastructure by promoting higher education in
    information assurance (IA), and producing a
    growing number of professionals with IA expertise
    in various disciplines.

4
CAEIAE Program (Cont.)
  • In order to be designated as a National Center of
    Academic Excellence in IA Education (CAEIAE),
    each applicant must pass a rigorous review
    demonstrating its commitment to and capability
    for academic excellence in IA education.
  • Prerequisite IA courseware must be certified
    under the IA Courseware Evaluation Program as
    meeting the Committee on National Security
    Systems (CNSS) Training Standards.
  • NSTISSI 4011 Information Systems Security
    (INFOSEC) Professionals
  • CNSSI 4012 Senior Systems Managers
  • CNSSI 4013 System Administrators (SA)
  • CNSSI 4014 Information Systems Security Officers
  • NSTISSI 4015 System Certifiers
  • CNSSI 4016 Risk Analyst
  • Additional standards are currently being
    developed
  • Specifically, certification for Standard 4011 is
    required, and certification of at least one of
    the CNSS Training Standards (4012, 4013, 4014,
    4015 or subsequent standards) is required.

5
CAEIAE Evaluation Criteria
  • Criteria 1 Partnerships in IA Education
  • Criteria 2 IA Treated as a Multidisciplinary
    Science
  • Criteria 3 University Encourages the Practice of
    IA
  • Criteria 4 Academic Program Encourages Research
    in IA
  • Criteria 5 IA Curriculum Reaches Beyond
    Geographic Borders
  • Criteria 6 Faculty Active in IA Practice
    Research Contribute to IA Literature
  • Criteria 7 State-of-the-Art IA Resources
  • Criteria 8 Declared Concentrations
  • Criteria 9 Declared Center for IA Education or
    Research
  • Criteria 10 Full-time IA Faculty

6
Benefits from CAEIAE Program
  • CAEIAEs receive formal recognition from the U.S.
    government, as well as opportunities for prestige
    and publicity, for their role in securing our
    nation's information systems.
  • Students attending CAEIAE schools are eligible to
    apply for scholarships and grants through
  • The Department of Defense (DoD) Information
    Assurance Scholarship Program
  • The Federal Cyber Service Scholarship for Service
    Program (SFS) operated by National Science
    Foundation (NSF)

7
CAEIAE Application Progress at ASU
  • Our courseware has been certified as meeting both
    NSTISSI-4011 and CNSSI-4012 standards
  • CSE 465 or CSE 491 covers 151 out of 256
    information items required in NSTISSI-4011
    standard and 171 out of 204 information items
    required in CNSSI-4012 standard.
  • Three information assurance concentration
    programs have been established in the Computer
    Science major for the B.S., M.S., and Ph.D.
    degree programs

8
Concentration in B.S. in CS
  • A minimum of 15 credits in Information Assurance
    and related areas as technical electives in the
    curriculum of B.S. degree in Computer Science
  • The students must take the following four
    courses
  • CSE465 Introduction to Information Assurance
  • CSE466 Computer System Security
  • CSE 467 Data and Information Security
  • CSE 468 Network Security
  • The students must take at least one of the
    following six courses
  • CSE412 Database Management
  • CSE434 Computer Networks
  • CSE 460 Software Analysis and Design
  • CSE 463 Introduction to Human Computer
    Interactions
  • CSE 471 Introduction to Artificial Intelligence
  • B.S. Degree capstone courses
  • The capstone project must have a major portion of
    the content in the Information Assurance area

9
Concentration in M.S. in CS
  • The M.S. degree requires 30 credit hours 24
    credits for coursework and 6 hours of
    thesis/research credit. The IA concentration
    requires
  • At least 9 course credits are taken from the IA
    core courses
  • CSE539 Applied Cryptography
  • CSE543 Information Assurance and Security
    (offered as 591 for Fall06)
  • CSE545 Software Security (offered as 591 in
    Spring06)
  • CSE548 Advanced Computer Network Security
    (offered as 591 in Spring06)
  • At least another 9 course credits are taken from
    the IA elective courses
  • CSE466/598 Computer Systems Security
  • CSE467/598 Data and Information Security
  • CSE531 Distributed and Multi-Processor Operating
    Systems
  • CSE534 Advanced Computer Networks
  • CSE565 Software Verification, Validation and
    Testing
  • M.S. thesis must have a major portion of the
    content in IA area
  • At least 3 credit hours of CSE592 Research
  • At least 3 credit hours of CSE599 Thesis

10
Concentration in Ph.D. in CS
  • The Ph.D. degree currently requires 54 credit
    hours beyond the M.S. degree 30 credits for
    coursework and 24 credit hours of thesis/research
    credit. The IA concentration requires
  • At least 12 course credits are taken from the IA
    core courses
  • CSE539 Applied Cryptography
  • CSE543 Information Assurance and Security
    (offered as 591 for Fall06)
  • CSE545 Software Security
  • CSE548 Advanced Computer Network Security
  • At least another 6 course credits are taken from
    the IA elective courses
  • CSE412/598 Database Systems
  • CSE460/598 Software Analysis and Design
  • CSE466/598 Computer Systems Security
  • CSE467/598 Data and Information Security
  • CSE468/598 Computer Network Security
  • CSE512 Distributed Database Systems
  • CSE531 Distributed and Multi-Processor Operating
    Systems
  • CSE534 Advanced Computer Networks
  • CSE561 Modeling and Simulation Theory and
    Applications
  • CSE565 Software Verification, Validation and
    Testing
  • CSE571 Artificial Intelligence
  • CSE572 Data Mining

11
Arizona State University CSE 465 Information
Assurance CSE591 Information Assurance and
Security Course Overview Professor Stephen S.
Yau
12
Course Overview
  • CSE 465 and CSE 591 are the entry course of our
    IA concentration programs at the undergraduate
    and graduate levels, respectively.
  • The objective of these two courses is to provide
    students with a basic and comprehensive
    understanding of the problems of information
    assurance (IA) and the solutions to these
    problems.
  • CSE 591 will cover more than CSE 465 on security
    concerns, IA research topics, as well as using
    selected techniques to deal with security
    problems of various information systems.

13
Course Description
  • Basic Concepts and Techniques
  • Overview of information assurance textbook1-
    ch1.1, ch17.1, textbook2-ch1.1,18.1
  • Security attacks, threats and vulnerabilities
    textbook1- ch1.2, ch19.3-4, ch20.1-3,
    textbook2-ch1.2, 22.2-4, 23.1-3
  • Security strategies
  • Authentication protocols and access control
    textbook1- ch4.4, 7.3-4, 11, 14, textbook2-ch12,
    15
  • Evaluation and architecture of classified data
    textbook1-ch18, textbook2-ch21
  • Intrusion detection textbook1- ch22,
    textbook2-ch25
  • Firewall textbook1-ch23.3
  • Password, personnel security and accreditation
    textbook1-ch1.7, ch11.2, ch13 textbook2- ch8,
    12.2
  • Virus detection and removal texbook1-ch19,
    textbook2-ch22
  • Cryptography and Steganography textbook1- ch8,
    9, 10.3. textbook2- ch9,10, 11.3
  • Countermeasures

14
Course Description (cont.)
  • IA Policy, Management, Legal and Ethical Issues
  • Information assurance policy textbook1-ch4,
    textbook2-part3
  • Security audits and accident responses
    textbook1-ch21, textbook-ch24
  • Managing security projects textbook1-ch17.2,
    ch26, textbook2-ch29
  • Security requirements engineering
    textbook1-ch17.1
  • Security assessments and evaluation
    textbook1-ch18, textbook-ch21
  • Risk analysis and management related to
    information assurance operations
  • Legal and ethical issues associated with privacy
    and forensics
  • Case Studies
  • National and corporation information assurance
    policy case study

15
Course Prerequisites
  • Knowledge of information systems, computer
    networks and their operations, and have taken one
    of the two following courses or their equivalent
  • CSE360 Introduction to Software Engineering
  • IEE305 Information Systems Engineering

16
Other Course Information
  • Line numbers 22780(CSE465)/04687(CSE591)
  • Class Schedule
  • MW 440 555 p.m.
  • Instructor Professor Stephen S. Yau
  • E-mail yau_at_asu.edu
  • Office Room BY 488
  • Office hours MW 300 345 p.m. and 605 635
    p.m.
  • TA Haishan Gong
  • E-mail Haishan.Gong_at_asu.edu
  • Office Room BY 468 DA
  • Office hours MW 230 345 p.m.

17
Other Course Information (cont.)
  • Textbooks
  • For undergraduate
  • Matt Bishop, Introduction to Computer Security,
    Addison- Wesley, 2004, ISBN 0321247442
  • For graduate
  • Matt Bishop, Computer Security Art and Science,
    Addison- Wesley, 2002, ISBN 0201440997
  • Other reading material Papers and reference
    books
  • Evaluation
  • Home work 20
  • Examinations 35
  • Course project 45

18
Course Project
  • Initial project proposal in electronic format due
    for approval no later than Wednesday, September
    6, 2006
  • Finalizing project title and description by
    September 25, 2006
  • Project interim progress report Monday, October
    16, 2006
  • Written project reports
  • -- The electronic format must be received by
    300 p.m. at least two working days prior to
    presentation. The report will be posted on the
    course website.
  • Length 35 to 60 pages for each project with 12
    point font size and 1.5 lines spacing
  • Presentations
  • 30 minutes per presentation per project
  • Presentation material (slides) submitted in
    electronic format by 300 p.m. at least one
    working day prior to the presentation date.

19
Course Web Address
  • CSE465
  • http//enpub.fulton.asu.edu/iacdev/
  • courses/CSE465/Fall2006/home.html
  • CSE591
  • http//enpub.fulton.asu.edu/iacdev/courses/CSE591i
    /fall2006/home.html
Write a Comment
User Comments (0)
About PowerShow.com