1 / 18

Center for Information Security: An Overview

Center for Information Security: An Overview. October 4th, 2002. CIS Overview. IA Mission: Education, Research and Service CS Faculty Prof. Sujeet Shenoi Prof. Mauricio Papa Prof. John Hale Other faculty in multidisciplinary track (Political Science, Economics, Law, History

lynch
Download Presentation

Center for Information Security: An Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Center for Information Security:An Overview October 4th, 2002 University of Tulsa - Center for Information Security

  2. CIS Overview • IA Mission: Education, Research and Service • CS Faculty • Prof. Sujeet Shenoi • Prof. Mauricio Papa • Prof. John Hale • Other faculty in multidisciplinary track (Political Science, Economics, Law, History • Founded in 1996 • NSA Center of Excellence in Information Assurance Education (2000) • Only school in the country fully compliant with federal INFOSEC training standards University of Tulsa - Center for Information Security

  3. CIS Curriculum • Curriculum Features • IA courses integrated into the CS/IST curricula • 3 IA courses taught each semester • Federal CNSS Certifications offered at TU • CNSS 4011 (Information System Security Professional) • CNSS 4012 (Designated Approving Authority) • CNSS 4013 (System Administrator) • CNSS 4014 (Information System Security Officer) • CNSS 4015 (System Certifier) • 10 CNSS 4011 Certificates awarded in 2001 • 48 CNSS 4011/12/14 Certificates in May 2002 University of Tulsa - Center for Information Security

  4. Information Assurance Courses (Core) University of Tulsa - Center for Information Security

  5. Information Assurance Courses (Electives) University of Tulsa - Center for Information Security

  6. CNSS Course Mappings University of Tulsa - Center for Information Security

  7. CyberCorps • Scholarship for Service • Part of the Cyber Service initiative • Announced in May 2002 • NSF Grant to five Universities • University of Tulsa, Naval Postgraduate School, Iowa State University, Purdue University, University of Idaho and Carnegie Mellon University • Mission • Training of elite squadrons of computer security experts • Defense against Internet hackers and terrorists University of Tulsa - Center for Information Security

  8. CyberCorps Program • Objectives • Enroll 12 new students each year • Open to students in their junior year or first-year graduate students (two-year program) • Grant pays each student’s tuition for two years, room and board, travel to conferences and stipend • Obligations • Students must complete a summer internship in a federal agency at the end of their first year • Two years of service for the Federal Government University of Tulsa - Center for Information Security

  9. CyberCorps Program • Research • Students will conduct research in collaboration with federal scientists toward a Senior Project or Master’s Thesis • Teams: two undergraduates and one graduate student • Outreach Activities • Developing Information Technology Ethics courses for middle and high-school students • Collaborate with the National Memorial Institute for the Prevention of Terrorism in Oklahoma City University of Tulsa - Center for Information Security

  10. Research Projects • Telecommunications Security • Intrusion Detection • Attack Modeling and Visualization • Network Vulnerability Analysis • Computer and Network Forensics • Policy Mediation • Programmable Security • Cryptographic Protocol Verification University of Tulsa - Center for Information Security

  11. Telecommunications Security • DoJ project developing systems for defending PTNs from cyberterrorist attacks • Experimental PTN providing analog, digital and wireless telephony used for research • Convergence networks • SS7, xDSL, ISDN, wireless gateways • Collaboration with NIST and Williams University of Tulsa - Center for Information Security

  12. Intrusion Detection • DoJ project developing robust intrusion detection systems • Specialized software agents monitor network resources, report anomalies and intrusions • Initiate countermeasures • Collaboration with the ISTS/Dartmouth Consortium University of Tulsa - Center for Information Security

  13. Attack Modeling/Visualization • DoJ project developing coherent schemes for monitoring and visualizing Internet attacks in real-time • Java prototype under development • Distributed agents synthesize feedback from IDS into a special language • Subsequently transformed into an integrated graphical representation by centralized monitor University of Tulsa - Center for Information Security

  14. Network Vulnerability Analysis • DoJ project developing tools for mapping IP networks and analyzing vulnerabilities • In the process of including convergence technologies • Information includes operating system profiles and data, IP service fingerprints • SS7 network and wireless gateways • Integrated with an attack model database to support vulnerability analysis University of Tulsa - Center for Information Security

  15. Computer and Network Forensics • Currently supported by Williams Energy Services • Developing state-of-the-art forensic capabilities • Network scanners, IP profilers, chat room monitors, evidence preservation • Tools for recovering and analyzing evidence • Tulsa Police Department’s Cyber Crime Division University of Tulsa - Center for Information Security

  16. Policy Mediation • NSF project using primitive logic and mediator technology • Implement access control and metapolicies • Negotiate authorization policies in federated DB environments • Prototype in Java using JDBC and CORBA • NIST scientists have developed universal policy machines University of Tulsa - Center for Information Security

  17. Programmable Security • NSA and NSF supported project developing programming languages with constructs for programmable security • Primitive ticket-based model used to implement a variety of access control models (DAC, MAC, RBAC and TBAC) • Security checking at compile and runtime University of Tulsa - Center for Information Security

  18. Cryptographic Protocol Verification • Developed a formalism that integrates logic and process calculus components • Support for formal proofs about the protocol, knowledge and behavior of principals • Comprehensive modeling of encrypted and unencrypted messages • Expressive message passing semantics • Constructs for modeling agents • Modeling/Verifying security properties of distributed systems University of Tulsa - Center for Information Security

More Related