To address national needs for computer security education, many universities have incorporated computer and security courses into their undergraduate and graduate curricula. In these courses, students learn how to design, implement, analyze, test, and operate a system or a network to achieve security. Pedagogical research has shown that effective laboratory exercises are critically important to the success of these types of courses. However, such effective laboratories do not exist in computer security education.Intrigued by the successful practice in operating system and network courses education, we adopted a similar practice, i.e., building our laboratories based on an instructional operating system. We use Minix operating system as the lab basis, and in each lab we require students to add a different security mechanism to the system. Benefited from the instructional operating system, we design our lab exercises in a way such that students can focus on one or a few specific security concepts while doing each exercise. The similar approach has proved to be effective in teaching operating system and network courses, but it has not yet been used in teaching computer security courses.To address these needs, many universities have incorporated computer and information security courses into their undergraduate and graduate curricula. In many curricula, computer security and network security are two core courses. These courses teach students how to design, implement, analyze, test, and operate a system or a network with the goal of making it secure. Pedagogical research has shown that students' learning is enhanced if they can engage in a significant amount of hands-on exercises. Therefore, effective laboratory exercises (or course projects) are critically important to the success of computer security education.Traditional courses, such as operating systems, compilers, and networking, have effective laboratory exercises, as the result of twenty years maturation. In contrast, laboratory designs in security education courses are still embryonic. A variety of approaches are currently used; three of the most frequently used designs are the followings: (1) the free-style approach, i.e., instructors allow students to pick any security-related topic they are interested in for the course projects; (2) the dedicated-computing-environment approach, i.e., students conduct security implementation, analysis and testing [2, 3] in a contained environment; (3) the build-it-from-scratch approach, i.e., students build a secure system from scratch [4].Free-style design projects are effective for creative students; however, most students become frustrated with this strategy because of the difficulty in finding an interesting topic. With the dedicated-environment approach, projects can be very interesting, with the logistical burdens of the laboratory-obtaining, setting up, and managing the computing environment. In addition, course size is constrained by the size of the dedicated environment. The third design approach requires students ...
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.