CIP Project to Enhance Undergraduate Security Curriculum

Posted: September 24, 2003 at 1:00 am, Last Updated: November 30, -0001 at 12:00 am

By Robin Herron

To help answer the ever-growing need for information systems security experts who can improve the nation’s information security defense, new elements that will enhance the undergraduate curriculum are being piloted this fall and next spring as a joint project between George Mason and James Madison University. The project is funded with a $300,000 grant under the Critical Infrastructure Protection Project based in the School of Law’s National Center for Technology and Law.

Anne Marchant, assistant dean for IT undergraduate education in the School of Information Technology and Engineering, who is one of three principal investigators for the project, says the George Mason-James Madison team will be developing modules that can be incorporated into existing or new IT or computer science courses anywhere. At George Mason, the modules will be incorporated into five networking and security track courses in the B.S. in Information Technology (B.S. IT) program. The rollout will take place in fall 2004.

Also being developed is a capstone course featuring cyber defense exercises modeled after those conducted at the U.S. Military Academy at West Point. As currently envisioned, the class will be divided into teams, one focused on attacking a system and one focused on defending it. “I’ve had students tell me that the allure of hacking is the challenge,” Marchant says, “but my answer to them is that defending is a far greater challenge. Usually the attackers get in.”

Edgar Sibley, University Professor and Eminent Scholar, Information and Software Engineering and Public Policy, is the other principal investigator from George Mason. Currently teaching the graduate course INFS 697/IT 962 Denial of Services, Sibley is using the class as a laboratory to experiment with the tools that will be used in the cyber defense exercises. In addition, the students in that class will become mentors for the undergraduates taking the capstone course. Plans are to offer the capstone course at George Mason for the first time next summer. Because of prerequisites needed for the class, including a course in ethics, it will be open only to seniors in the B.S. IT program and some graduate students who would take the course, aid in teaching, act as mentors, and help develop any required additional software.

Marchant says the undergraduate curriculum will be designed to dovetail into the graduate programs that Mason offers in information security, including the new M.S. in Information Security and Assurance, for students who wish to pursue a higher degree. As an example of the need for these programs, Marchant points to one of her students who was hired to work in wireless security at the Pentagon based on the strength of a paper he wrote for her IT 353 Information Warfare class.

The third principal investigator on the project is Hugh Tazewell Daughtrey Jr., computer science instructor and associate director of the Institute for Infrastructure and Information Assurance at James Madison, who will use the project to initiate new courses at his school.

“Our overall goal is to develop a model for undergraduate security curricula that could be applied to other universities. Eventually we’ll put the curriculum on the web for other universities to take and implement,” Marchant says.

For more information, contact Marchant.

Write to at