thatthegoals,methods,andevaluationtechniquesofinformationandcomputersecurityare Moscow,ID83844
|
|
- Aileen Flora O’Brien’
- 8 years ago
- Views:
Transcription
1 AnInformationSecurityEducationInitiativefor DepartmentofElectricaland ComputerEngineering Syracuse,NY13224 SyracuseUniversity Shiu-KaiChin EngineeringandComputerScience DepartmentofComputerScience DeborahFrincke NavalPostgraduateSchool StudiesandResearch CenterforINFOSEC Monterey,CA93943 CynthiaIrvine theundergraduateandgraduatelevels.itsfocusisontheneedforsucheducation,thedesired educationaloutcomes,andhowtheoutcomesmaybeassessed.abasicthesisofthispaperis Thispaperputsforwardacaseforaneducationalinitiativeininformationsecurityatboth UniversityofIdaho thatthegoals,methods,andevaluationtechniquesofinformationandcomputersecurityare Moscow,ID83844 consistentwithandsupportiveofthestatedgoalsofengineeringeducationandthegrowing movementforoutcomes-basedassessmentinhighereducation. Abstract Networkedcomputingandinformationretrievalareconsideredbymanytobecrucialtothewellbeingofthenation'sinformationinfrastructure[14].Theinformationinfrastructureincludessuch databases,networkprotocols,schedulingandroutingalgorithms,distributedhardware,andconcurraphy'sroleinsecuringtheinformationsociety,[40]. computingandelectroniccommerce.theseapplicationsrelyonacollectionofswitchingsystems, rentsoftware.thesesystemsmustworkcorrectlyandeconomicallywithguaranteesofperformance, availabilityofservice,safety,andsecurity. calledthe\informationsecurityproblem"bythenationalresearchcouncilinitsbook,cryptog- Theincreasinguse,relianceupon,andvulnerabilityoftheselarge-scaleinformationsystemsis Today'sinformationagerequiresU.S.businessestocompeteonaworldwidebasis,sharingsensitiveinformationwithappropriatepartieswhileprotectingthatinformationagainstcompetitors, vandals,suppliers,customers,andforeigngovernments.privatelaw-abidingcitizensdislikethe easewithwhichpersonaltelephonecallscanbetapped,especiallythosecarriedoncellularor cordlesstelephones.elementsoftheu.s.civilianinfrastructuresuchasthebankingsystem,the electricpowergrid,thepublicswitchedtelecommunicationsnetwork,andtheairtraccontrol 1WhyInformationSecurityEducationisNeeded diverseandcomplexapplicationsastelecommunications,airtraccontrol,healthcare,mobile 1
2 computingingeneral."intherushtoeldnewproductsandservices,developershaveoftenignored securityasafundamentalsystemrequirement. [29]is:\Theadvancesincomputersecurityhavenotbeenabletokeeppacewiththechangesin TheDefenseScienceBoardputsitmorebluntlyinitsNovember1996report,Reportofthe OneofthemajorproblemsconfrontingthesecuritycommunitycitedbyPeegerandCooper haveahighpriority. systemarecentraltosomanydimensionsofmodernlifethatprotectingtheseelementsmust DefenseScienceBoardTaskForceonInformationWarfare{Defense(IW-D)[7]: satisfysecurityrequirements.fortunately,a\theoryofcomputersecurity"[8]hasemergedthat TherealityisthatthevulnerabilityoftheDepartmentofDefense{andofthenation{to oensiveinformationwarfareattackislargelyaself-createdproblem.programbyprogram, economicsectorbyeconomicsector,wehavebasedcriticalfunctionsoninadequatelyprotected sucienttoenforcethepolicy,andassurancethatthemechanismsdoenforcethepolicy.its hasthreecomponents:apreciselyarticulatedsecuritypolicydescribingthemangement,protection,anddistributionofsensitiveinformationbyanorganization,asetoffunctionalmechanisms Thechallengeistodesign,developanddeploycomplexsystemswithcondenceintheirabilityto industryhassoldgloballymuchofthegenerictechnologythatcanbeusedtostrikethesetargets. telecomputingservices.inaggregate,wehavecreatedatarget-richenvironmentandtheu.s. implicationsarethat: ford[42]: Currently,fewresourcesarebeingappliedtoeducatingsecurityprofessionals,asnotedbySpaf- toachieveacoherentsecurityarchitecture,securitymustbeconsideredfromtheoutsetand competenceindesignforsecuritypolicyenforcement,testingforsecurity,andassessmentof notasanafterthought;and securitymustbepartoftheeducationofsystemimplementors. Ourstudentsandsoon-to-bestudentswillbedesigningourinformationtechnologiesofthe puterscienceprofessionalseducatedincomputersecuritynotedbyspaord[42],thecommission andrespondingtoattacksoncriticalinfrastructures"isanconcern.toremedythelackofcom- systemsareaprimarycommissionobjectiveand\educationonmethodsofreducingvulnerabilities tection[27].strategiesforsecurityagainstcomputer-basedattacksoninformationandcomputer ExecutiveOrder13010establishedaPresidentialCommissiononCriticalInfrastructurePro- future.weareendangeringthemandourselvesbecausethemajorityofthemwillreceiveno hasrecommended[28]signicanteortstofosterprogramsproducinggraduatesininformationand trainingininformationsecurity. computersecurity. TheaboveneedforeducationisechoedbytheDefenseScienceBoard.Itrecommends: workingwiththenationalsciencefoundationto\developeducationalprogramsforcurriculumdevelopmentattheundergraduateandgraduatelevelsinresilientsystemdesignpractices,"and 2
3 speaking,engineeringisfundamentallyaboutassuringresultsusingtechniquesbasedonscientic principles.thegoalistoengineersecuresystemsabinitiowithassuranceratherthantodiscover providestudentswithanunderstandingofthefoundationalconceptsofcomputersecurity?the thatwhatwehavebuiltisinadequate.docurrentengineeringandcomputersciencecurricula Tosatisfytheaboveeducationalgoalswemustmovetoacultureofengineering.Broadly makingthe\requiredskillsetmuchbroaderanddeeperineducationallevel[for]computer answeris\no."computersecuritydiersfromotherengineeringapproachesinthatthesystem scientists,networkengineers,electronicsengineers,businessprocessengineers." mustbeimplementedsuchthatsecuritypolicyenforcementtakesplaceeveninthepresenceof maliciouscode.atthe1996ieeesymposiumonsecurityandprivacy,schell[39]notedthatin thecontextofasubvertedsystemalackofsecuritymaynotbeevident. increasethelikelihoodthatournextgenerationofinformationtechnologyworkerswillhavethe tions,applicationofbestimplementationpractices,assessment,andcertication.whenlookingat backgroundtheyneedtodesignanddevelopsystemswhichareengineeredtobereliableandsecure {thattheyaredesignedtoprotectinformationinthefaceofmalicioussoftware[8]. curriculumdevelopment,analogousnotionshold.theseeducationalnotionsinclude: Bymovingtoacultureofengineeringwhichincludesappropriateknowledgeofsecurity,wecan Thesecuritycommunityhaslongembracedtheconceptsofrequirements,policies,specica- identicationofspeciceducationaloutcomesandskills; identicationofeducationalcriteriaforselectionofeducationaloutcomes; designofcoursesandcurriculatomeettheidentiedoutcomes; assessmentresultstoimproveeducationalprocessesisfullyembracedbyboththeaccreditation BoardforEngineeringandTechnology(ABET)foraccreditingallengineeringprogramsinthe Thetechniqueofidentifyingspeciceducationalgoals,assessingtheresults,andusingthese assessingtheactualoutcomes;and utilizingfeedbackfromassessmenttoimprovecurriculaandcourses. designingmeansofassessmenttoevaluatethesatisfactionofoutcomes; educationalgoalsofinformationsecuritywithinthecontextofengineeringandabetaccreditationisappropriate.electricalandcomputerengineers,andcomputerscientists,manyofwhom deploymentofmuchoftheinformationinfrastructure.theirknowledgeandunderstandingofthe areeducatedwithincollegesofengineering,areresponsibleforthedesign,implementation,and principlesunderlyingandtheengineeringtechniquesusedtoconstructsecuresystemsisessen- US[12],andbytheAmericanSocietyforEngineeringEducation(ASEE),[13].Examiningthe Section6. selecttheeducationaloutcomesinsection3.section3relatestheeducationalgoalsofsecurity tialfortheprotectionofsystemsfromthesmallesttothelargestandatalllevelsofcivilianand computerscienceandcomputerengineeringeducation. andengineeringandcomputersciencewithinacommonframework.section4outlinesproposed assessmentcriteria.section5discussescomputersecurityeducationprograms.conclusionsarein governmententerprise.thispaperprovidesaframeworkforintegratinginformationsecurityinto Theremainderofthispaperisorganizedasfollows.Section2discussesthecriteriausedto 3
4 2CriteriaforSelectingEducationalOutcomes edgeandskillsappropriatetoeachroleinthe\informationsociety"mustbeidentied.thereisa Itisinsucientandimpracticaltosayeverybodyneedstoknoweverythingaboutsecurity.Knowl- healthcare,highereducation,etc.thefocushereisontechnicaleducationincomputerandnetworksecurity.theoverarchingcriteriaforselectingeducationaloutcomesforinformationsecurity are: theeducationaloutcomesmustaddresssecurityneedsconsistent withthesecuritychallengesencounteredbygraduatesintheirpro- needfortechnicalliteracyamongdecisionmakerswithinenterprises,government,militarydefense, associatedsecurityconcerns.theserolesare: Irvinein\ChallengesinComputerSecurityEducation,"[20],identiestenrolesorjobtitleswith thespeciceducationaloutcomesforsecurityinagiveneducational fessionalroles,and 1.thegeneralpopulation; programmustbeconsistentwiththeeducationalcontextandlarger 2.corporateinformationprofessionals; outcomesofthespecicprogram. 3.computerprofessionals; 4.systemadministrators; 5.computersecurityemergencyresponseteam(CERT)members; 10.securityresearchers. 8.systemcertiers; 9.legalprofessionalsandlawenforcement;and 7.systemarchitects; 6.securesoftwareandhardwaredevelopers; areprimarilyconcernedwiththeeducationofsoftwareandhardwaredevelopers,systemarchitects, systemcertiers,certmembers,andsecurityresearchers.fortheseroles,irvine[20]identies educationalneedsforeachasfollows: Oftheabovetenroles,programsofelectricalandcomputerengineeringandcomputerscience Softwareandhardwaredevelopers,whendevelopingnewcomponents,shouldknowhowto securitypolicies. objectivesandhowsoftwarecanleveragehardwaretoproducesystemsabletoenforcespecic buildsecurityintoproducts.theyshouldunderstandhowhardwarecansupportsecurity 4
5 Systemarchitectsmustknowhowdierentsecuritymechanismswithinthesystemworktogether;aawedcomponentcanobviateallotherprotectionfeatures.Theymustunderstand includingthoseofsecurity. Systemcertiersmustknowhowtoinspectthedesignandimplementationofsystemsto overallrequirementsandmustbeabletodesignasystemthatmeetsavarietyofobligations, CERTmembersmustknowhowawsinexistingsystemsmakethosesystemsvulnerableto policies.theymustunderstandthepropertiesoftheunderlyinghardwareaswellasthe policyenforcementmechanism.rigorousapproachestoawanalysisandtheexposureof softwareandmustbeabletoanalyzetheevidencethathighlevelpolicyismappedtothe systemelementsvulnerabletoclandestineexploitationarerequired. determinethelevelofcondencetobeascribedtothosesystems'abilitytoenforcesecurity Securityresearcherspushthetechnologicalenvelope.Theymustunderstandtheinterplay externalthreats.theymustunderstandbothhardwareandsoftwarefactorsthatcontribute tothecreationofsystemawsandvulnerabilities,andgeneralizesolutionsacrosspotentially largesetsofservicesandproducts. enceprograms?thecomputingsciencesaccreditationboard(csab)criteriaforcurriculum betweensecurityandothersystempropertiessuchasfaulttoleranceandreal-timeconstraints. Criteria2000[12]. sciencecurriculum[9].table1belowliststheskillsetspeciedbyabetinitsreport,engineering assessmentemphasizestheimportanceofthescienticmethodasakeyconceptwithinacomputer Howwelldothesegoalsmatchwiththeevaluationcriteriaforengineeringandcomputersci- Theyshouldhaveadeepunderstandingofcomputerscienceandthescienticfoundationsof Comparingthesecurityskillsneededby1)softwareandhardwaredevelopers,2)systemarchitects,3)systemcertiers,4)CERTmembersand5)researchers,withtheABETcriteriarevealsa anabilitytodesignandconductexperiments,aswellastoanalyzeandinterpretdata; anabilitytodesignasystem,component,orprocesstomeetdesiredneeds; anabilitytoapplyknowledgeofmathematics,science,andengineering; computersecurity,andhavesignicantspecializedknowledgeintheirareaofresearch. closematchinthefollowingareas: Additionally,thebroaderareasof anabilitytoidentify,formulate,andsolveengineeringproblems anabilitytousethetechniques,skills,andmodernengineeringtoolsnecessaryforengineering anabilitytocommunicateeectively. anunderstandingofprofessionalandethicalresponsibility; thebroadeducationnecessarytounderstandtheimpactofengineeringsolutionsinaglobal practice;and andsocietalcontext;and 5
6 Engineeringprogramsmustdemonstratethattheirgraduateshave Criterion3.ProgramOutcomesandAssessment 2.anabilitytodesignandconductexperiments,aswellastoanalyzeandinterpret 3.anabilitytodesignasystem,component,orprocesstomeetdesiredneeds 1.anabilitytoapplyknowledgeofmathematics,science,andengineering Table1:ABETEvaluationCriteriaforEngineeringPrograms 5.anabilitytoidentify,formulate,andsolveengineeringproblems 4.anabilitytofunctiononmulti-disciplinaryteam(CERT)members 8.thebroadeducationnecessarytounderstandtheimpactofengineeringsolutionsinaglobalandsocietalcontext 6.anunderstandingofprofessionalandethicalresponsibility 7.anabilitytocommunicateeectively data 10.aknowledgeofcontemporaryissues 11.anabilitytousethetechniques,skills,andmodernengineeringtoolsnecessary 9.arecognitionoftheneedfor,andanabilitytoengageinlife-longlearning providemeaningfulconnectionstotheotherrolesidentiedbyirvinein[20]. Section3renestheconnectionsbetweensecurityandengineeringeducationgoalswithina aknowledgeofcontemporaryissues forengineeringpractice. InSection2wejuxtaposedtheeducationalgoalsofengineeringandcomputerscienceagainstthe commonframework. 3EducationalOutcomes educationalneedsintheareaofsecurityforvarioussocietalroles.inthissectionwewillrelatethe twoinmoredetailsothattheeducationalgoalsofsecurityforhardwareandsoftwaredevelopers, Third,eacheldhasstandards.Fourth,eacheldhasnotionsofevaluationandassessment.Finally, interest.second,eacheldhassystematicwaysofthinkingandanalysisforarrivingatsolutions. engineering,andcomputerscienceareconcernedwithsolvingproblemsintheirrespectiveeldsof eachwithinacommonframeworkofcriticalthinkingwhichisappliedacrossvirtuallyalluniversity systemarchitects,systemcertiers,certmembers,andpotentialresearchersaremetwithinthe frameworkofengineeringandcomputerscienceprograms.todoso,wewillexaminethegoalsof usedbyotherdisciplinestosecurityasscienceandengineering. securityeducationtobroadereducationalobjectivesandallowsustoadaptassessmenttechniques workingwithinacommonframeworksharedbymanyotherdisciplinesallowsustorelategoalsfor disciplines. InSection3.1wedescribeaframeworkforcriticalthinking.Section3.2relatesthedisciplines Whyexaminebothgoalswithinaframeworkofcriticalthinking?First,thedisciplinesofsecurity, ofsecurity,engineering,andcomputersciencewithinthatframework.section3.3examineshow 6
7 securityandengineeringonthebasisofpublishedcriteriaandgoals. welltherelationshipbetweensecurityandengineeringmeetstheeducationalgoalsofinformation TheimportanceofcriticalthinkingasahigherorderframeworkisidentiedbyformerSecretary oflabor,robertreichinhisbook,theworkofnations,[31].reichputsforthfourskillsin particular:1)abstraction,2)systemthinking,3)experimentationandtesting,and4)collaboration. 3.1AFrameworkforCriticalThinking PaulandWillsenin[33]summarizeReich'slistofskillsasfollows: 1.CommandofAbstractions 2.ThinkingWithinSystems Thecapacityforabstraction{fordiscoveringpatternsandmeanings{is,ofcourse,the 3.TestingIdeas veryessenceofsymbolicanalysis,inwhichrealitymustbesimpliedsothatitcanbe understoodandmanipulatedinnewways:::(pp.229{230) beenselected,whytheyareimportant,howtheywerededuced,andhowtheymightbe theproblemarisesandhowitisconnectedtootherproblems.(p.231) contradicted.thestudentlearnstoexaminerealityfrommanyangles,indierentlights, Theeducationofthesymbolicanalystemphasizessystemthinking.Ratherthanteach interpretation.thestudentistaughttogetbehindthedata{toaskwhycertainfactshave Insteadofemphasizingthetransmissionofinformation,thefocusisonjudgmentand studentshowtosolveaproblemthatispresentedtothem,theyaretaughttoexaminewhy 4.LearningtoCollaborateandCommunicate andthustovisualizenewpossibilitiesandchoices.thesymbolic-analyticmindistrained tobeskeptical,curious,andcreative.(p.230) describedbydianehalpern[17]as: ThelistofskillsidentiedbyReichistheessenceofcriticalthinking.Criticalthinkingis theuseofthosecognitiveskillsorstrategiesthatincreasetheprobabilityofadesirableoutcome. credittoothers.theyalsolearntonegotiate{toexplaintheirownneeds,todiscernwhat ndanswers.theylearnhowtoseekandacceptcriticismfrompeers,solicithelp,andgive othersneedandviewthingsfromothers'perspectives.(p.233) Studentslearntoarticulate,clarify,andthenrestateforoneanotherhowtheyidentifyand asaseriesofquestions: RichardPaulandJaneWillsenin[34]reneHalpern'sdenitiontoanindividual'spointofview Itis:::purposeful,reasoned,andgoaldirected{thekindofthinkinginvolvedinsolving problems,formulatinginferences,calculatinglikelihoods,andmakingdecisionswhenthethinker isusingskillsthatarethoughtfulandeectivefortheparticularcontextandtypeofthinking task. 7
8 WhatprecisequestionamItryingtoanswer? WithinwhatpointofviewamIthinking? Whatisthepurposeofmythinking? Whatwouldtheconsequencesbe,ifIputmythoughtintoaction? WhatamItakingforgranted,whatassumptionsamImaking? IfIaccepttheconclusions,whataretheimplications? Whatconceptsorideasarecentraltomythinking? HowamIinterpretingthatinformation? WhatconclusionsamIcomingto? WhatinformationamIusing? frameworkofpaulandnosich,[32]: Theframeworkweusetodescribesecurityandengineeringisbasedonthecriticalthinking 2.Whatarethequestionsatissue,orproblemstobesolved? 5.Whataretheconceptualdimensionsofreasoning? 4.Whataretheempiricaldimensionsofreasoninginthediscipline? 3.Whatarethediscipline'spointsofview,orframesofreference? 1.Whatisthediscipline'spurpose,goal,orend? neering,andrelatethetwodisciplineswithintheframework. 6.Whatassumptionsaremadebythediscipline? 3.2RelatingSecurity,Engineering,andComputerScienceWithinaFramework Usingtheaboveframework,wecananswerthequestionsastheypertaintosecurityandengi- 8.Whatinferencescanbemadedrawinguponthediscipline? 7.Howisthedisciplineusedtodrawimplicationsandconsequences? designedtobebothcontinuouslyeectiveinenforcingpolicyandresistanttomalicioussoftware: InGoalsforSecurityEducation[19]andNPSCISR:SixYearsofExperience[21],Irvinedescribes topicschosentoillustrateandenforcethenotion[4]thatcertaincomponentsofthesystemmustbe ofcriticalthinking 8
9 securitypolicymodels formalmethodsappliedtosystemspecication,development,and hardwareandsoftwareprotectionmechanisms securesystemdesign,implementationandtesting databasesecurity moderncryptography analysis cryptographicprotocols PeegerandCooperin[29]listvebroadclassicationsofsecurityconcepts. coherentnetworksecurityarchitectures auditing identicationandauthentication keymanagementandkeydistribution 1.Policy{understandingthreatsfromwhichinformationrequiresprotectiontoinsurecondentiality,integrity,andavailability. toaccessandaectsystemresources. 3.Identicationandauthorization{associatingtheactivitiesoftheexecutingcomputerwith 2.Privilege{creatingmechanismstodistinguishandcontroltheabilityofactivesystementities engineeringandsciencecurricula,weusetheframeworkasshownintable2.sections3.2.1through Theaboveareamixtureoftechniques,goals,andproperties.Torelatethemtocomputer 5.Audit{thecreationoftracesandtheirinterpretation. 4.Correctness{withprovidingassurancethatthehardware,software,andsystemsforsecurity policyenforcementarenotsusceptibletotamperingorbypass. individualusers,whomaybeheldaccountablefortheactivitiesundertakenontheirbehalf Purpose,Goal,orEnd 3.2.8summarizetheelementsofeachdisciplinewithintheframework.Educationaloutcomesare processeswhichmeetadesiredendorrequirement.amajorgoalofsecurityistodevelopcomputingsystemsthatcanensuresecuritypolicyenforcementinthepresenceofmalicioussoftware andabusiveuserbehavior.hencethegoalmayencompasspolicyobjectivesforinformationcondentiality,integrity,andavailability.inaddition,thesystemmustprovideamechanismtoholdits listedforeachelement. Majorgoalsincomputerengineeringandcomputerscienceistoconstructcomputersystemsor 9
10 Elements Purpose,goal,orend.Developsecuritypolicybasedon Questionsorproblemstobesolved.Howaresecuritypropertiesde- Table2:SecurityandEngineeringinaCriticalFramework assuranceofcorrectandcontinuoussecuritypolicyenforcement.constructcomputersystemsor threats.buildsystemproviding scribedinthecontextofanau- tomatedsystem?howarese- curitypropertiesengineeredinto systems?whatassurancecanprocessestomeetadesiredend tiesdoinfactexistintheim- plementationandthattheyare tamper-resistant? Whatarethestructuresofhard- beprovidedthattheseproper-orrequirement. framesofreference.architects,softwaredesigners, Pointsofviewand ware,software,andsubsystem componentswhichsatisfythe properties?whatisthemeans systems,securesubsystems,securenetworkinganddistributedarethedesignandimplementa- computing,databases,etc. sors,operatingsystems,compil- ers,databases,etc. hardwaredesigners. Variousapplications:proces- Architects,softwaredesigners, tionveriedandtested? hardwaredesigners. Variousapplications:operatingofconstruction?Bywhatmeans sionsofreasoning.principlesofconstructionand Empiricaldimensions ofreasoning. Conceptualdimen-analysis.Informationtheory, discretemathematics,cryptographytheory,formalprotocols, formallogics,formalmethods, ematics,linearsystemstheory, Principlesofconstructionand niteautomata,discretemath- logic,declarativeprogramming, object-orienteddesign. analysis.switchingtheory,- measurements. Experiments.Penetrationtestoratorydemonstrations,systeogy,covertchannelanalysis,labing,awhypothesismethodol- administrationissues,problems incommercialsystems. Experiments.Laboratory demonstrations,prototypes, simulation,testing,performance object-modeldesign. Assumptionsmade.Components,services, Implicationsandconsequences. Inferences. Auditingandtraceanalysis.Intrusiondetection.Failsecurtribution.Congurationman- functions,andpropertiesfor Useracceptability.Trusteddisagement.Cost.Ethics. Easeofmaintenance.Ethics. ysis.easeofmanufacture.cost. Components,services, functions,andpropertiesfor reference. eachlevelofdesignandframeof Riskanalysis.Maintenance. ication. operation.systemtestandver-systemtestandverication. Risk,safety,andreliabilityanal- Faultdetection.Errordetection. eachlevelofdesignandframeof reference. 10
11 usersaccountablefortheiractionsthroughidenticationandauthentication,andaudit.finally, usersmusthavecondencethattheirinformationwill,infact,beprotectedwithinthesystem. EducationalOutcomes Abilitytoclearlystatethepurposeofarequirement,itssignicance,anditsachievabilitytureofcomponentshavethepropertieswhicharerequired?Thisquestionisaskedatalllevelsof 3.2.2QuestionsorProblemstobeSolved Thefundamentalcharacteristicofengineeringistheabilitytoanswerthequestion,doesthisstruc- Abilitytodeterminetheconsistencyofrequirementsandpurposes. aresystemsofhardwareandsoftware. design,fromthelevelwherecomponentsaretransistors,tothelevelwherecomponentsthemselves mentpermitstheprecisearticulationofsecurityrequirementsanddemonstratesthefeasibilityof combinationwiththedevelopmentofhighlevelsecurityarchitecturesandtheirstep-wiserene- mappingstoprovideachainofevidencethattheimplementationdoescorrespondtopolicy,in maliciouscode?theuseofformalsecuritypolicymodels,formalspecications,andassurance temoperation.thequestionateachlevelofdesignis,doesthisstructureofcomponentsmap toamechanismforsecuritypolicyenforcementforwhichwehavecondenceinthepresenceof condentiality,integrity,andavailability,areformulatedaspropertiesthatmustholdduringsys- Insystemdesign,manypropertiesmustbesatised.Securityrequirements,brokendownto arealimplementation. EducationalOutcomes Abilitytoclearlyformulatequestionsofsignicancerelativetothe Abilitytoclearlyandpreciselystatetheproblemtobesolvedand overallpurpose. ofrolesandapplications.thetechnicalrolesinsecuritywereidentiedinsection2assystem 3.2.3PointsofViewandFramesofReference Thepointsofviewandframesofreferenceforbothsecurityandengineeringaregiveninterms Abilitytodeterminefeasibilityofproblemsolution. howitcanbedecomposed. describingacombinationofcomputerandnetworksecuritymechanismstoinsureacoherentsystem mainlybythecomponents,functions,services,andmeansofreasoningavailabletoeach. thetrustworthinessofthesystemsecurityocer,aparticularinstruction-setarchitectureand designers.theseroleshavemeaninginbothengineeringandsecurity.theserolesarecharacterized fortheenforcementofpolicy.whenbuildingasecuresystem,thedesignersmaytakeasaxioms hardwareplatforms,andoperatingsystems.securityconcernsatthearchitecturelevelmayentail architects,softwareandhardwaredevelopers,systemcertiers,certmembers,andhardware Forexample,systemarchitectsassumeascomponentsparticularnetworks,networkservices, 11
12 concernedwiththeeectiveuseofhardwaremechanismstosupporttheseobjectives.thehardware designerwillattempttoconstructdevicesthatsubstantivelysupportprotectionobjectiveswhile admittingawidevarietyofsoftwareimplementations.ahardwaredesignermayassumeaparticular celllibrary,memoryorganization,instruction-set,etc.securityconcernsmayfocusoncorrectness. insureprocessisolationandtheprotectionoftheoperatingsystem.thesoftwaredeveloperwillbe programminglanguage.usinghardwareandsoftware,itispossibletoconstructasystemto signicantapplicationareasforbothengineeringandsecurity. Systemelementssuchasprocessors,operatingsystems,compilers,databases,networks,etc.,are EducationalOutcomes Abilitytodesignandanalyzesolutionstomeetrequirementsand Abilitytounderstandtheimpactactionsinonelevelorviewpoint Abilitytotrade-oseveralrequirementsfromdierentviewpoints specicationsatmultipleslevelsofabstractionandwithseveral haveonotherlevelsorviewpoints. viewpoints. instrumentingsystems,measuringtheirperformance,andbytestingandsimulation. Theempiricaldimensionisconcernedwithexperimentsandwiththeresultsattainedon\real" 3.2.4EmpiricalDimensionsofReasoning systems.inengineering,empiricalresultsareobtainedonthe\labbench"bybuildingprototypes, Alloftheaboveempiricalmethodsareapplicabletosecurity.Functionalinterfacetesting, inordertoachievethemaximumbenet. analysesbasedontheflawhypothesismethodology[47]conducted.analysesareconductedand userconvenienceandsystemeciency.techniquesforassessingthevulnerabilityofsystemsmay maybeexaminedforaws[41],covertchannelsanalyzed[24,49],andsystematicpenetration beusedtoexaminerealsystemsforrealaws. prototypesystemsarebuiltandexaminedforsecurityaws,suchasvulnerabilityto\real"attacks. Performanceissuesmayalsobeexaminedbybalancingexpecteddecreasesinvulnerabilityversus unitandmoduletestingareallpartofthedevelopmentprocessforasecuresystem[26].hardware internalengineeringtestsofselectedsubsystems,systemgenerationandrecoverytests,aswellas EducationalOutcomes Abilitytoconstructexperimentsorprototypestodemonstrate Theconceptualdimensionsofreasoningdenethediscipline.Incomputerengineeringandscience, 3.2.5ConceptualDimensionsofReasoning Abilitytoobserve,collect,analyze,andinterpretdatafromexperiments. somepurposeorfacilitatesomemeaningfulexploration. conceptsformtheprinciplesofconstructionandanalysis. thefundamentaltheoreticalconceptsarebasedonmathematics,logic,andphysics.thetheoretical 12
13 positionofsignalsandonsuperposition.thisgivesrisetotheclassicaltreatmentsofnetworks, controls,andcommunicationstheory. programmingandobject-orienteddesigndependontypetheory. tionallogic,predicatecalculus,discretemathematics,andnite-statemachinetheory.functional ware,securityalsoincludestheoreticalconceptstosupportthedevelopmentanduseofcryptography Inelectricalandcomputerengineering,linearsystemstheoryisbasedonthesinusoidalcom- andtheuseofformalmethodsforvericationandcovertchannelanalysis.themeansforanalysis andcryptographicfunctions;cryptographicprotocols;formalpolicymodels;formalspecication; isbasedondiscretemathematics,informationtheoryandmathematicallogic{suchasstandard Theconstructionofcomputerhardwareandtoalesserextentsoftware,isbasedonproposi- predicatecalculus,modallogic,andspecializedbelieflogics. Inadditiontoapplyingstandardmathematicalfoundationsforconstructinghardwareandsoftment: EducationalOutcomes Foreachlevelofdesignabstraction,application,andforeachrequire- Clearunderstandingofthemathematical,logical,andphysicalconceptswhichformtheanalyticalbasisandprinciplesofconstruction. Theassumptionswhicharemadebyeachdisciplinearebasedonthecomponents,services,and 3.2.6AssumptionsMade Abilitytoapplyanalyticalconceptsandprinciplesofconstruction totheanalysisandconstructionofrealsystems. levelsofabstractionaredenedbytheseassumptionsaswellastheparticularrulesofcomposition usedforforcreatingstructuresofcomponents.forexample,designersofauthenticationprotocols assumethepresenceofencryptionfunctionsofsuitablestrength.designersofsoftwareassumethe correctnessofthehardwareplatformsupportingtheinstruction-setarchitecture.securesystem designersmayassumethatthesystemsecurityocer/administratoristrustworthyandthatthe propertiesassumedtobeavailableforeachlevelofdesignandframeofreference.designlevelsand compiler,placedundercongurationmanagement,doesnotcontainarticestocreatetrapdoors. ingassumptionsmadebyeachsetofconcerns.inconsistentassumptionsarecausedbymismatches indesignlevels,framesofreference,orapplications. Ameanstocheckconsistencybetweensecurityandengineeringconcernsistochecktheunderlyment: EducationalOutcomes Foreachlevelofdesignabstraction,application,andforeachrequire- Abilitytoclearlystateassumptionsbeingmade. Abilitytojustifytheassumptionsbeingmade. Abilitytochecktheconsistencyofassumptionsbeingmade. 13
14 Inbothengineeringandsecurity,theimplicationsandconsequencesofdesigndecisionsandsystem behaviorshavetheirimpacton: 3.2.7ImplicationsandConsequences Riskanalysis; Cost; Easeofmanufacture; riencedandsuccessfulsystemarchitectsanddesignersndthiscorrectbalancebasedonexperience, framework.thecorrectbalancingofconsequencesissometimestermedas\businesssense."expe- Thedeterminationofimplicationsandconsequencesreliesonallthepreviouselementsofthe Ethicalconsiderations. Reliability;and Easeofmaintenance; followingcriteriaintable1: empiricalreasoning,andconceptualreasoningcoupledwithadeepunderstandingoftheintended purposeorgoal. Determiningtheethicalconsequencesofcomputeruseiscomplex[5]butmaybebasedonthe Anunderstandingofprofessionalandethicalresponsibility; Aknowledgeofcontemporaryissues. Thebroadeducationnecessarytounderstandtheimpactofengineeringsolutionsinaglobal andsocietalcontext;and EducationalOutcomes Abilitytoanticipateandclearlystatewithprecisionandaccuracy systems.inferenceswhicharemadeincludethedeterminationof: 3.2.8Inferences TheelementsofSections3.2.1through3.2.7areusedtoinferconclusionsaboutsecurityand Abilitytojudgethelikelihoodofconsequences. thepositiveandnegativeconsequences. Theaboveareconcernswhicharecommontobothsecurityandengineering. Detectionofandprovingabusivebehaviorbasedonprolingandauditdata. SystematicpenetrationtestingandtheFlawHypothesisMethodology[47];and Failsecureandsecuresystemrecovery; 14
15 EducationalOutcomes 3.3AretheFrameworkandOutcomesSatisfactory? Abilitytojustifyconclusions. Abilitytodrawconclusionswhicharerelevantandconsistent. Abilitytodrawcorrectinferencesbasedonprinciples,observations, OnewaytoevaluatetheadequacyoftheframeworkandoutcomesdescribedinSections3.2.1 concepts,anddata. computersecurityexpertsandaccreditationcriteriaforelectricalandcomputerengineering.we through3.2.8istocompareittostatedrequirementsforinformationsecurityeducationmadeby examinetheproposededucationalframeworkagainsttheremarksmadebyemployersinthecomputersecurityeldatthe1996ieeesymposiumonsecurityandprivacy[39,6],the1997acm andcomputerengineeringproposedbytheieee. mationsystemssecurityeducation[23],andagainsttheaccreditationrequirementsforelectrical WorkshoponEducationinComputerSecurity[44],andthe1997NationalColloquiumforInfor- 2.RogerSchell,SeniorDevelopmentManagerforInformationSecurity,NetwareSystemsGroup, 1.BillMurray,SeniorVicePresident,DeloitteandTouchsaid[23]: Novell,Inc.[39]askedforindividualswho: Canthinkcritically. Understandfundamentalcomputerscienceconcepts;and \Computerscienceeducationwithrespecttosecurityneedsrigor,disciplineandsound engineeringvalues." 3.JimSchindler,InformationSecurityProgramManageratHewlettPackardhasdescribed 4.JohnKauza,VicePresidentforSecurity,ATT,providedhislistofskillsandcorecompetencies securityprofessionalsasindividualswhoareabletoadaptandbuildsecuresystemsinaworld ofchangingtechnology,changingcomputerparadigmsandchangingsecurityrequirements [39]. asfollows,[23]: 5.SteveBarnett,oftheNationalSecurityAgency,[6]madethefollowingpoints: Technicalcomputerscienceknowledge;and Ethics; Securitysolutionsmustbesoughtinthecontextofchangingtechnology. Securityorientation; Focusonthesupportiveskillsinotherclassesincluding: Operational/practicalexpertisetothinkandapplytoindustry. 15
16 Securityrequiresacomprehensivesystemsapproachandstudentsmust Complementformalapproachestosecuritywithpracticalexamplesandapplications. {Beabletodesigntomeetthoserequirements; {Beabletostatesecurityrequirements; {architectureanddesign;and {hardware,software,andprotocolsforsystemsandnetworks. 6.DanielFaigin,oftheAerospaceCorporation'sTrustedComputerSystemsDepartment,which isinvolvedintesting,securityresearch,andsystemevaluations,described: BasicSkills {Beabletotestdesignsandimplementations;and {Beabletoimplementthedesigncorrectly; {Fundamentalunderstandingofsoftwareengineeringtechniques; {Beabletomanagesystemcongurationandmaintenance. Supplementalskills {Familiaritywithsecuresystemevaluationcriteria;and {Experiencewith {Goodcommunicationskills; {Understandingaspecicareasuchas:operatingsystemdesignandarchitecture,information systemssecurity,networks,ordatabaseapplications;and Giventheabovelist,werespondtothemainpointsofeachasfollows. 1.Examiningthesepoints,items1,2,3,4,5,and6,allspecifythatsecurityisnotanisolated Hardware, disciplinebutpartofthelargercontextofengineeringandcomputerscience.theframework Formalmathematicallogic, relatesengineeringandsecuritywithineachelementoftheframeworkwhichcoverstop-level Variouslanguagesandoperatingsystems. Testingandtestingmethodologies,and 2.Kauzaspeciesthatethicsbepartofsecurityeducation.Thisisalsopartofengineeringeducationandispartofthecommonframeworkunderimplicationsandconsequences.However, goals,design,implementation,analysis,andtesting. 3.Kauza,Faigin,andSchindlerrequireoperationalexpertiseapplicabletoindustry.Thisis itisnoteworthythataconclusionemergingfromthe1997wecs[18]wasthatinformation thattheappropriatevenueforsocial,legalandethicalissuesassociatedwithcomputingmay responsibilityshouldbetaughtwellbeforestudentsenterinstitutionsofhighereducationand 4.Theremainingpointsdealwithspecicconcernsoverlinkingsecuritytoseveralengineering beprogramdependent. coveredwithintheframeworkunderempiricaldimensionsofreasoning. tion.theproposedframeworkcoversrequirementsthroughtestingandvalidation.barnett's activitiesspanningrequirements,specication,design,implementation,testing,andvalida- pleafortheorytoinformpracticeandpracticetoinformtheoryisreectedinboththe conceptualandempiricaldimensionsofreasoning. 16
17 Table3:AccreditationCriteriaforElectricalandComputerEngineering SubmittedbytheInstituteofElectricalandElectronicsEngineers,Incorporated ProposedProgramCriteriaforElectrical,Computer,and SimilarlyNamedEngineeringPrograms Criterion3inthreeormoreareasofelectricaland/orcomputerengineeringasappropriatetotheprogramnameandobjectives.Graduatesmustdemonstrateknowledge Theseprogramcriteriaapplytoengineeringprogramswhichincludeelectrical,electronic,computer,orsimilarmodiersintheirtitles. Curriculum Programsmustdemonstratethattheirgraduateshaveachievedtheoutcomeslistedin January16,1997(Revised2/5/97,2/21/97,3/4/97,3/8/97) ofprobabilityandstatistics,includingapplicationsappropriatetotheprogramname andobjectives.graduatesmustdemonstrateknowledgeofmathematicsthroughdifferentialandintegralcalculus,basicscience,andengineeringsciencenecessaryto mathematics,typicallyincludingdierentialequations,linearalgebra,andcomplex themodierelectricalinthetitlemustalsodemonstratetheknowledgeofadvanced variables.graduatesofprogramscontainingthemodiercomputerinthetitlemust analyzeanddesigncomplexdevicesandsystemscontaininghardwareandsoftware alsodemonstrateknowledgeofdiscretemathematics. componentsandappropriatetoprogramobjectives.graduatesofprogramscontaining TheaccreditationcriteriaforelectricalandcomputerengineeringprogramsproposedbytheIEEE isshownintable3.theyrefertocriterion3containedintable1.programsmustdemonstrate 5.Schellsynthesizedtherequirementsbyaskingforengineersandscientistswhoarecapableof thatgraduateshave: Howwelldoestheproposedframeworkmeettheaccreditationrequirementsforengineering? ofcriticalthinkingdirectlyaddressesthishigherorderrequirement. thinkingcriticallyaboutsecuritywithinsystems,asopposedtotechnicianswhoaremerely knowledgeableofsecuritytechniques.placingsecurityandengineeringwithinaframework AchievedtheoutcomeslistedinCriterion3inthreeormoreareasofelectricaland/orcomputerengineering; Alloftheaboveitemsarecontainedwithintheproposedframework.Ifproperattentionisplaced Knowledgeofdiscretemathematics. Knowledgeandapplicationofmathematicsandengineeringsciencenecessarytoanalyzeand totheelementofpointsofviewandframesofreference,multipledesignlevelsandapplicationswill beaddressed. designcomplexdevicesandsystemscontaininghardwareandsoftware;and 17
18 respectivefunctionalandassurancerequirements.(seetable4fromgasser[16]).forconsumers, Assessmentofsystemsisanacceptedpracticebythesecuritycommunity.Forexample,theTrusted ComputerSystemEvaluationCriteria(TCSEC)[25]describesevensystemratingclassesandtheir awthatwouldresultinacatastrophicfailuretoenforcesecuritypolicy.theobjectiveistoassess 4AssessingtheResults theratingsprovideanindependenttechnicalassessmentofthelikelihoodthatasystemcontainsa systemsbasedontheirbehaviors,capabilities,anddegreeofcondenceintheimplementation. ClassTitle A1VeriedDesign B3SecurityDomainsReferencemonitor(securitykernel),\highlyresistant Table4:TrustedSystemEvaluationCriteriaRatings B2Structured demonstration. covertchannelanalysis,informalcodecorrespondence topenetration." KeyFeatures Formaltop-levelspecicationandverication,formal B1LabeledSecurityPro- C2ControlledAccess C1Discretionary SecurityProtectionDiscretionaryaccesscontrols,protectionagainstaccidentsamongcooperatingusers. Mandatoryaccesscontrols,securitylabeling,removal Individualaccountability,extensiveauditing,add-on packages. orientedarchitecture,\relativelyresistanttopenetra- tion." ofsecurity-relatedaws. Formalmodel,covertchannelsconstrained,security- mostofwhichtraditionallyassessedlower-orderskillssuchasrecall.rather,thechallengeistosee ifstudentsareableto\thinklikeanengineerorthinklikeacomputersecurityspecialist." whetherstudentshavelearnedandifso,howmuch?thisisnotmerelytheadministrationoftests, Theproblemfacedbyeducatorsishowtoassessthecapabilitiesofstudents.Howdowejudge Onemeasureofasuccessfulcurriculumiswhenthereiscompellingevidencethatstudentswho DMinimalProtectionUnrated. gathereddependsonanswerstoquestionssuchas: completeacurriculumhaveachievedthespeciededucationaloutcomes.thetypeofevidence Educationalassessmentisimportantbecauseitaddressesquality.Arestudentsinfactlearning? Whatarethestandardsusedtojudgequality? Whataretheunderlyingprincipleswhichareimportant? Whataresomebehaviorsorindicatorswhichcharacterizetheoutcomes? Whatarethedesirededucationaloutcomes? Dograduatesinfactpossesstherequiredskills?Assessmentisbasedonthecultureofevidence, 18
19 muchasthetcsecusescoherentgroupingsoffunctionalpropertiesandassuranceevidenceto makeitsassessments.ajusticationforassessmentisfoundinlearningthroughassessment:a ResourceGuideforHigherEducation,[2]: acompellingpublicstakeineducation.aseducators,wehavearesponsibilitytothepublics Throughassessment,educatorsmeetresponsibilitiestostudentsandtothepublic.Thereis (AAHE)[2]whichapplytothispaperare: ThefourprinciplesofassessmentputforthbytheAmericanAssociationforHigherEducation mation;ourdeeperobligation{toourselves,ourstudentsandsociety{istoimprove.those towhomeducatorsareaccountablehavecorrespondingobligationtosupportsuchattemptsat improvement. meetgoalsandexpectations.butthatresponsibilitygoesbeyondthereportingofsuchinfor- thatsupportordependonustoprovideinformationaboutthewaysinwhichourstudents 1.Theassessmentofstudentlearningbeginswitheducationalvalues. 2.Assessmentismosteectivewhenitreectsanunderstandingoflearningasmultidimensional, 3.Assessmentworksbestwhentheprogramsitseekstoimprovehaveclear,explicitlystated integrated,andrevealedinperformanceovertime. thevaluescitedbyreich[31]assupportedbytheskillsof1)abstraction,2)systemthinking, 3)experimentationandtesting,and4)collaborationandcommunication,areelementsofthe Theframeworkandoutcomesareconsistentwithandsupportiveoftheaboveprinciples.First, 4.Assessmentrequiresattentiontooutcomesbutalsoandequallytotheexperiencesthatlead tothoseoutcomes. purposes. sequencesofcoursesthroughacurriculumoverseveralyearsandnotbyasinglecourseinone spanalldesignlevelsandlinktheorytopractice.theoutcomesarelikelytobeachievedbyseveral frameworkandarelistedasspeciceducationaloutcomesinseveralelements. mutuallysupporttheoutcomes. Theelementsoftheframeworkidentifycommongroundbetweenengineeringandsecuritywhich security. semester.theframeworkprovidesameanstolinkthevariouselementsacrossengineeringand Third,theframeworkandoutcomeshavetheexplicitpurposeoflinkingengineeringandsecurity. Second,theframeworkandoutcomesarespreadoverseveralviewpointsandactivitieswhich outcomes.theoryandpracticearecontainedasarelow-levelandhigh-leveldesignandanalysis. Fourth,theframeworkidentiesavarietyofexperiencesandactivitiesasmeansformeetingthe ImprovingCoursesandCurriculainHigherEducation,[11]. Tables6and7areexcerptedfrom[32]asexamples.Theremainingsixarefoundin[32]. andnosichin[32]providehigh-levelexamplesforeachoftheeightelementsoftheframework. used,theuseofcriticalthinkingasahigher-orderorganizingframeworkallowsforthespecialization ofassessmenttoolsforcriticalthinkingtothecriticalframeworkforengineeringandsecurity.paul MoredetailoncurriculadevelopmentandassessmentcanbefoundinDiamond'sDesigningand Whileitisbeyondthescopeofthispapertodevelopthepreciseassessmentinstrumentstobe 19
20 1.Theassessmentofstudentlearningbeginswitheducationalvalues. Table5:APartialListingofAssessmentPrinciplesfromAAHE questionsabouteducationalmissionandvaluesareskippedover,assessment Assessmentisnotanendinitselfbutavehicleforeducationalimprovement.Its shoulddrivenotonlywhatwechoosetoassessbutalsohowwedoso.where eectivepractice,then,beginswithandenactsavisionofthekindsoflearning wemostvalueforstudentsandstrivetohelpthemachieve.educationalvalues PrinciplesofGoodPracticeforAssessingStudentLearning threatenstobeanexerciseinmeasuringwhat'seasy,ratherthanaprocessof DevelopedundertheauspicesoftheAAHEAssessmentForum,December Assessmentismosteectivewhenitreectsanunderstandingof manceovertime.learningisacomplexprocess.itentailsnotonlywhat studentsknowbutwhattheycandowithwhattheyknow;itinvolvesnotonly improvingwhatwereallycareabout. learningasmultidimensional,integrated,andrevealedinperfor- 3.Assessmentworksbestwhentheprogramsitseekstoimprovehave knowledgeandabilitiesbutvalues,attitudes,andhabitsofmindthataect bothacademicsuccessandperformancebeyondtheclassroom.assessment shouldreecttheseunderstandingsbyemployingadiversearrayofmethods, revealchange,growth,andincreasingdegreesofintegration.suchanapproach includingthosethatcallforactualperformance,usingthemovertimesoasto clear,explicitlystatedpurposes.assessmentisagoal-orientedprocess. aimsforamorecompleteandaccuratepictureoflearning,andthereforermer basesforimprovingourstudents'educationalexperience. 4.Assessmentrequiresattentiontooutcomesbutalsoandequallyto pushesacampustowardsclarityaboutwheretoaimandwhatstandardsto apply;assessmentalsopromptsattentiontowhereandhowprogramgoalswill forassessmentthatisfocusedanduseful. tionsinprogramandcoursedesign,andfromknowledgeofstudents'owngoals. Whereprogrampurposeslackspecicityoragreement,assessmentasaprocess Itentailscomparingeducationalperformancewitheducationalpurposesand theexperiencesthatleadtothoseoutcomes.informationaboutoutcomesisofhighimportance;wherestudents\endup"mattersgreatly.butto outcomes.assessmentcanhelpusunderstandwhichstudentslearnbestunder aboutthecurricula,teaching,andkindofstudenteortthatleadtoparticular improveoutcomes,weneedtoknowaboutstudentexperiencealongtheway{ oftheirlearning. whatconditions;withsuchknowledgecomesthecapacitytoimprovethewhole betaughtandlearned.clear,shared,implementablegoalsarethecornerstone expectations{thosederivedfromtheinstitution'smission,fromfacultyinten- 20
21 Table6:AssessingtheQuestionatIssueorCentralProblem,fromPaul FundamentalStandards:1)ClarityofQuestion,2)SignicanceofQuestion,3) Principle:Tosettleaquestionyoumustunderstandwhatitrequires FlawedQuestions:1)Unclear,2)Insignicant,3)NotAnswerable,4)Irrelevant Answerability,4)Relevance tosettlesomequestion,solvesomeproblem) (Allreasoningisanattempttoguresomethingout, areclearabouttheques- canre-expressaquestionin avarietyofways tiontheyaretryingtoset- tle GoodReasoners: BadReasoners: areoftenunclearaboutthe kindofquestiontheyare expressquestionsvaguely andndthemdicultto asking FeedbacktoStudents: reformulate issue. (-)Themainquestionatissueisnevermadeclear. (+)Youdidagoodjobof clarifyingthequestionat (-)Youneedtoreformulate yourquestioninacoupleof canbreakaquestioninto waystorecognizethecomplexityofit. sub-questions areunabletobreakdown thequestionstheyareask-formulateyourquestioniing (+)Ilikethewayyoure- dierentways.ithelpsthe youwouldbreakitdown solveyourmainproblemif analyzingthemainquestionintosub-questions. (-)Itwouldbeeasierto (+)Youdoagoodjobof readerseeitfromdierent somewhat. pointsofview. havesensitivitytothekind distinguishquestionsthey ofquestiontheyareasking routinelydistinguishquestionsofdierenttypappropriatelytothequestionstheyask asking, confusequestionsofdierenttypes,oftenrespondin- kindofquestionstheyare havelittlesensitivitytothesuesseparatefromtheso- cialones. keepingtheeconomicis- one. (+)Youdoagoodjobof (-)Youareconfusingalegalquestionwithamoral cananswerfromquestions theycan't trytoanswerquestions toanswer theyarenotinaposition(+)youwerecorrectin leavingthatquestionunanswered,andinrecognizingwhatextrainformation youwouldneedtoanswer 21 thequestion
22 Table7:AssessingInferenceandConclusion,fromPaul FailureofInferencesandConclusions:1)Unclear,2)Unjustied,3)Supercial,4) FundamentalStandards:1)ClarityofInferences,2)JustiabilityofInferences,3) ProfundityofConclusions,4)ReasonabilityofConclusions,5)Consistencyof Unreasonable,5)Contradictory conclusionsandgivemeaningtodata) (Allreasoningcontainsinferencesbywhichwedraw Inference&Conclusion GoodReasoners: makeinferencesthatare clearandprecise Principle:Reasoningcanonlybeassoundastheinferencesitmakesandconclusionsitcomesto BadReasoners: oftenmakeinferencesthat areunclear FeedbacktoStudents: thatfollowfromtheevidenceorreasonspresentedoftenmakeinferencesthat donotfollowfromtheevidenceorreasonspresented(-)theconclusionyou (-)Itisnotclearwhatyour mainconclusionis. baseyourmainconclusion on. (+)Yourreasoningisvery clearandeasytofollow. usuallymakeinferences aredeepratherthansuper- cial oftenmakeinferencesthat oftenmakeinferencesthat aresupercial (+)Yourcentralconclusioniswell-thought-out cometodoesnotfollow andgoesrighttotheheart oftheissue. ingevidenceandgoodrea- sons. fromthereasonspresented. (-)Yourconclusionisjus- (+)Youjustifyyourcontied,butitseemssupercialgiventheproblemclusionwellwithsupport- oftenmakeinferencesor makeinferencesorcometo conclusionsthatareconsistentwitheachother cometoconclusionsthat arereasonable oftenmakeinferencesor cometoconclusionsthat areunreasonable arecontradictory. (-)Itisunreasonabletoinferaperson'spersonality (-)Theconclusionsyou dicttheconclusionsthat cometointherstpartof yourpaperseemtocontra- youcometoattheend. fromoneaction. 22
23 withoutanextensiveapprenticeshipintheeld.(wenotethatcautionshouldbeexercisedwhen studyasmallcollectionofbooksandpapersandbecomeacompetentinstructorinthisarea Cryptographyandtheuseofcryptographicprotocolsisappealingasasingle-coursetopic.Many 15,22].Cryptographyanditsuseinsecurecommunicationprotocolsisanimportantaspectof networksecurityandsecuredistributedarchitectures.itisstraightforwardforanindividualto booksandtextsareavailableforteachingcryptographyandnetworksecurity,e.g.[45,37,43, 5DiscussionofSecurityEducationPrograms signicantexpertise[1,36,38].) attemptingtobecomeapractitioner.thedesignofgoodprotocolsandcryptosystemsrequires Theframeworkdescribedinthispaperprovidesablueprintforachievinganinformationsecurity andmanyotherfundamentalareasofcomputerscienceandengineering,see[10,30,46,35,3]. educationwithanappropriatelybroadscope. anunderstandingoffoundationalaspectsofoperatingsystems,softwareengineering,modeling, computerandnetworksecurity;aprogramconnedtocryptographyandcryptographicprotocols, befollowedtosuccessfullybuildsecuresystems.designingandbuildingsecuresystemsinvolves willbeinsucienttoconveytostudentsthefoundationalconceptsanddesignprinciplesthatmust Despiteitsappeal,cryptographyanditsapplicationisonlyonepartofanoverallapproachto receivemoreattentionintheeducationofengineersandcomputerscientists.securityconceptsare curriculachargedwiththeeducationofthemajorityofsystemdesignersandimplementors.some fundamentaloneswhichapplytoalllevelsofsystemdesignandapplication.assuch,technically demandsthatmoreresilient,reliable,andsecuresystemsbebuiltanddeployed.theseissuesmust meaningfulwaysmustbesoughttointegratesecurityintotheengineeringandcomputerscience 6Conclusions undergraduateprogramswilloerspecializedcoursesincomputersecurityandgraduateprograms canprovideadvancedsecuritycoursescomplementedbyresearch.thesefocussedcoursesand Theincreasinguse,relianceupon,andvulnerabilityofcurrentlarge-scaleinformationsystems majorityofstudents.acompoundingfactorwillbetheinabilityofmanyprogramstoaddone securitycurriculaisolatedfromthoseofengineeringandcomputerscience.areasonableapproach istointegratesecurityconcernsintechnicallymeaningfulwaysintoengineeringandcomputer ormoresecuritycoursestoalreadyovercrowdedcurricula.itisunreasonabletocreateseparate sciencecurricula. programswillbeattractivetoonlyasubsetofthestudentpopulation;theydonotreachthevast thedisciplinesofsecurityandcomputerengineeringandscience. closelyrelatedtocomputerengineeringandscience.asmanyofthegoals,concepts,andmeans ofreasoningaresimilar,itseemsbothdesirableandpracticaltoincorporateelementsofeachinto UsingthecriticalframeworkofSection3,thetechnicalaspectsofsecurityarefoundtobe approachhastheadvantageofviewingsecurityasanimportantapplicationandpropertywhichis introductorycoursesonoperatingsystems,databases,softwareengineering,andnetworks[48].this ofacurriculumintowhichsecurityhasbeenintegratedbyexplicitlyinjectingsecuritytopicsinto engineeringandscienceintegratedwithsecurity.theairforceacademyprovidesanexample anintegralpartofcomputerengineeringandscience.atinstitutionswherethisisnotimmediately Ideally,coursematerialintheformoftextbooksandlaboratoryexampleswouldhavecomputer 23
MODELING)THE)LOJACK)EFFECT)IN)THE)) CYBER)SECURITY)MARKET))
CasatrinaLee 3May2014 i MODELING)THE)LOJACK)EFFECT)IN)THE)) CYBER)SECURITY)MARKET)) )A)STUDY)OF)INCENTIVES) Abstract:) Cybersecurityhasbecomeapertinentconcernamongbusinessesfollowing theincreasingdigitizationofoperations.hackingmethodsareeverevolvingand
More informationThree year rotational plan for assessing student outcomes: MET
Three year rotational plan for assessing student outcomes: MET Year 2015 ABET a, b, c, d, e ABET a, b, c, d, e 2016 ABET f, g, h, i, j, k ABET f, g, h, i, j, k 2017 MET a - c MET a - c 2018 ABET a, b,
More informationFORD TOURNEO CUSTOM Tourneo_Custom_2014_V1_240x185_Cover.indd 1-3 18/11/2013 12:08:16
More information
The fragmented m. onnected m. ithin single disciplines ( cross several disciplines ( ithin l. cross n. ested m
ithin single disciplines ( cross several disciplines ( ithin l cross n The fragmented m onnected m ested m Copyright 1991 by the Association for Supervision and Curriculum Development. All rights reserved.
More informationCopyright 1980 by the Association for Supervision and Curriculum Development. All rights reserved.
More information
Experience affects adult learning. Adults learn best in an informal situation
Adults must want to learn Motivation or need Adults will learn only what they feel they need to learn Interest or discipline Adults learn by doing Active participation Focuses on problems and the problems
More informationAHE 233 Introduction to Health Informatics Lesson Plan - Week One
AHE 233 Introduction to Health Informatics Lesson Plan - Week One Major Theories & Healthcare Informatics Literacy Note: I have set up the entire curriculum for this class with weekly lesson plans. This
More informationISO 27000 Information Security Management Systems Foundation
ISO 27000 Information Security Management Systems Foundation Professional Certifications Sample Questions Sample Questions 1. is one of the industry standards/best practices in Service Management and Quality
More informationAnchor Bay Schools Software Policy
Anchor Bay Schools Software Policy Table of Contents 1. Statement of Ethics... Page 1 2. Purchasing and Acquisition... Page 1 3. Registration... Page 1 4. Installation of Software... Page 2 5. Individual
More informationRequest for Exploring the Natural World (ENW) Integrated Core Course Approval Cover Sheet
Request for Exploring the Natural World (ENW) Integrated Core Course Approval Cover Sheet Submit all materials to Karen Connell, Core Administrative Assistant, kconnell@jcu.edu Date: Instructors: Departments
More informationSanta Clara University CAAP Program CPA Licensing Information
Santa Clara University CAAP Program CPA Licensing Information We do our best to provide our students and graduates with updated and accurate information on the requirements for CPA licensure, but the California
More informationCriteria for Accrediting Computer Science Programs Effective for Evaluations during the 2004-2005 Accreditation Cycle
Criteria for Accrediting Computer Science Programs Effective for Evaluations during the 2004-2005 Accreditation Cycle I. Objectives and Assessments The program has documented, measurable objectives, including
More informationLessons Learned from the Teaching of IS Development
Journal of Information Technology Education Volume 1 No. 2, 2002 Lessons Learned from the Teaching of IS Development Filomena Lopes and Paula Morais Universidade Portucalense, Porto, Portugal flopes@upt.pt
More informationFebruary 2012. [LA 1028] Sub. Code: 4734 B.Sc (Nursing) DEGREE EXAMINATION
February 2012 [LA 1028] Sub. Code: 4734 Answer All questions. I. Elaborate on: (2X15=30) 1. a) Describe the philosophy and objectives of staffing in Nursing. b) Explain the steps in staff Recruitment process.
More informationHenderson State University Program-Computer Science
Assessment Plan Henderson State University Program-Computer Science Program-Computer Science Mission Statement: The mission of the computer science program is to provide its majors with the expertise to
More informationMaster of Arts in Teaching Supplemental Application Packet
Master of Arts in Teaching Supplemental Application Packet Early Childhood Education, Elementary Education, Middle Grades Education, Special Education The M.A.T. programs at the Graduate School of the
More informationELECTRICAL ENGINEERING
ELECTRICAL ENGINEERING UNDERGRADUATE STUDENT HANDBOOK For Academic Year 2011 2012 Department of Electrical Engineering and Computer Science L.C. Smith College of Engineering and Computer Science Syracuse
More informationCALL/ACBD Professional Development Pathways. Collection Development, Cataloguing, Metadata and Information Organization
CALL/ACBD Professional Development Pathways Adopted by the CALL/ACBD Executive Board August 12, 2015 Tier 1: introductory Tier 2: advanced Collection Development Collection Development, Cataloguing, Metadata
More informationEducational Technology Assessments
Educational Technology Assessments Standards-based assessment is interwoven throughout the online educational technology programs (Master of Arts, Rank I, and Endorsement). Graduate courses have been designed
More informationAHIMA Curriculum Map Health Information Management Associate Degree Approved by AHIMA Education Strategy Committee February 2011
AHIMA Curriculum Map Health Information Management Associate Degree Approved by AHIMA Education Strategy Committee February 2011 HIM Associate Degree Entry-Level Competencies (Student Learning Outcomes)
More informationOccupational Profile and Curriculum Summary
Occupational Profile and Curriculum Summary Presented for Comment OFO code 143905 Related Occupation Contact Centre Manager Table of Content Occupational Profile and Curriculum Summary... 1 Presented for
More informationAACSB Standards. from the Eligibility Procedures and Accreditation Standards for Business Accreditation Handbook, revised January 31, 2010
AACSB Standards from the Eligibility Procedures and Accreditation Standards for Business Accreditation Handbook, revised January 31, 2010 Standard 1: The school publishes a mission statement or its equivalent
More informationBSc in Information Systems Degree Programme. Syllabus
BSc in Information Systems Degree Programme Syllabus Semester 1 Title IS1012 Introduction to Computer Systems 30 - - 2 IS1022 Information Technology Concepts 30 - - 2 IS1033 Fundamentals of Programming
More informationAREAS OF CONCENTRATION
CANCER EPIDEMIOLOGY Dr. Elizabeth Platz, Director The mission of the Cancer Area of Concentration is to train future epidemiologists armed with the knowledge and skills to investigate: The causes of cancer,
More informationINFORMATION TECHNOLOGY
INFORMATION TECHNOLOGY You have: TASC subjects May lead to: Basic Computing 1 No previous experience Computing 2 Package Essential Skills - Using Computers and the Internet 2 Employment and further computer
More informationSTANDARDS FOR THE MASTER OF INSTRUCTIONAL TECHNOLOGY/ COORDINATOR/ DIRECTOR OF TECHNOLOGY LICENSE
STANDARDS FOR THE MASTER OF INSTRUCTIONAL TECHNOLOGY/ COORDINATOR/ DIRECTOR OF TECHNOLOGY LICENSE The Instructional Technology Coordinator/Director certification is appropriate for those persons who, through
More informationSchool-Wide DrPH Course Requirements AY 2015 2016
School-wide DrPH Curriculum Checklist School-Wide DrPH Course Requirements The following sections describe the school-wide course requirements. For specific department requirements please contact your
More informationSCOPING QUESTIONNAIRE FOR PENETRATION TESTING
SCOPING QUESTIONNAIRE FOR PENETRATION TESTING PathMaker Group adheres to the OSSTMM penetration testing methodology and code of ethics regarding this level and classification of test. The analysts performing
More informationNew Mexico Highlands University School of Business Outcomes Assessment For BBA Programs
New Mexico Highlands University School of Business Outcomes Assessment For BBA Programs A. Overview The School of Business has identified three goals common to all Concentrations within the School of Business.
More informationStudent Campus Climate & Satisfaction Survey General Education Student Learning Outcomes Conducted June 2014 (n=1,119)
Student Campus Climate & Satisfaction Survey General Education Student Learning Outcomes Conducted June 2014 (n=1,119) Data Included: Table A: Comprehensive Data Table B: Summary Data Table C: Ranked Data
More informationCREATING A MISSION STATEMENT
CREATING A MISSION STATEMENT Understanding and articulating what your program is trying to accomplish is necessary for a successful assessment plan. It is important to carefully specify and obtain a consensus
More informationStatement of Principles of Accreditation and Fundamental Goals of a Sound Program of Legal Education May 6, 2009
Statement of Principles of Accreditation and Fundamental Goals of a Sound Program of Legal Education May 6, 2009 Donald J. Polden, Dean, Santa Clara University School of Law Chair, Standards Review Committee
More information11 Master s degree programme in Philosophy
11 Master s degree programme in Philosophy 11.1 Introduction This chapter contains detailed information about the aims, learning outcomes and structure of the Master s degree programme in Philosophy. A
More informationConfiguration Management SOP
1.0 Commercial in Confidence 08-Aug-2006 1 of 7 Configuration Management SOP Document No: SOP_0113 Prepared by: David Brown Date: 09-Aug-2006 Version: 1.0 1.0 Commercial in Confidence 08-Aug-2006 2 of
More informationManagement of Physical Education. Dr. Jaswant Singh Department of Physical Education G.G.V., Bilaspur (C.G.)
Management of Physical Education Dr. Jaswant Singh Department of Physical Education G.G.V., Bilaspur (C.G.) UNIT-I Introduction Management essential part of any group activity. Management is needed whenever
More informationDoctor of Clinical Psychology
Doctor of Clinical Psychology Programme of study for the degree of Doctor of Clinical Psychology 1. The following may be accepted as a candidate for the degree of Doctor of Clinical Psychology: Graduates
More informationRequirements for the Master s Degree in Curriculum and Instruction
Requirements for the Master s Degree in Curriculum and Instruction The requirements for the Master s Degree in Curriculum and Instruction are twofold: 1) Thirty-six credits of graduate coursework as described
More informationKnowledge Clusters (Curricular Components) HIM Associate Degree Entry-Level Competencies (Student Learning Outcomes) Notes
2011 AHIMA Curriculum Competencies and Knowledge Clusters Health Information Management Associate Degree Approved by AHIMA Education Strategy Committee HIM Associate Degree Entry-Level Competencies (Student
More informationName of the Undergraduate Degree Program
Name of the Undergraduate Degree Program Bachelor of Accounting Mission Statement This program provides students with the knowledge and skills necessary to enter the fields of public, private sector, corporate
More informationUSING INTERSYSTEMS CACHÉ FOR SECURELY STORING CREDIT CARD DATA
USING INTERSYSTEMS CACHÉ FOR SECURELY STORING CREDIT CARD DATA Andreas Dieckow Principal Product Manager InterSystems Corporation USING INTERSYSTEMS CACHÉ FOR SECURELY STORING CREDIT CARD DATA Introduction
More informationMASTER OF BUSINESS ADMINISTRATION: PUBLIC ACCOUNTANCY (262)
Program Coordinator: Aaron Hines, Director Office: Van Den Berg Hall 306 Phone: 845-257-2968 Email: hinesa@newpaltz.edu MASTER OF BUSINESS ADMINISTRATION: PUBLIC ACCOUNTANCY (262) The State University
More informationConceptual Framework Standards. Component Evidence Delivery Assessment Check one or both Type of Instrument Used Conceptual Framework
Business Education (Master s) Program Florida A&M University Conceptual Framework Standards Component Evidence Delivery Assessment Check one or both Type of Instrument Used Conceptual Framework Proficiencies
More informationDual Degree Programs
Dual Degree Programs (1) JD and MBA (Master in Business Administration) (2) JD and MACC (Master of Accountancy (Tax Track)) JD and MSRE (Master of Science in Real Estate) Typically, full-time Charlotte
More informationAC 2008-1207: ACCREDITATION OF ENGINEERING TECHNOLOGY ASSOCIATE DEGREE PROGRAMS
AC 2008-1207: ACCREDITATION OF ENGINEERING TECHNOLOGY ASSOCIATE DEGREE PROGRAMS Warren Hill, Weber State University American Society for Engineering Education, 2008 Page 13.139.1 Abstract Accreditation
More informationBuilding the First Gaming Master s Program: An Industry Perspective 1
Building the First Gaming Master's Program Building the First Gaming Master s Program: An Industry Perspective 1 Toni Repetti, Ph.D.* SoYeon Jung, M.B.A. Introduction Hotel Administration Hotel Administration
More informationAssurance of learning in a writing-intensive business course
Assurance of learning in a writing-intensive business course Lana Carnes Eastern Kentucky University Faridah Awang Eastern Kentucky University ABSTRACT Halie Smith Alice Lloyd College Writing intensive
More informationAGraphDrawingandTranslationServiceon StinaBridgeman,AshimGargandRobertoTamassia DepartmentofComputerScience thewww*
AGraphDrawingandTranslationServiceon StinaBridgeman,AshimGargandRobertoTamassia DepartmentofComputerScience thewww* Abstract.Bothpractitionersandresearcherscantakebetteradvantageofthelatestdevelopmentsingraphdrawingifimplementationsof
More informationIntegrating Security into the Curriculum
Cynthia E. Irvine Shiu-Kai Chin Deborah Frincke Naval Postgraduate School Syracuse University University of Idaho Cybersquare Integrating Security into the Curriculum Computer security can be used as a
More informationAcademic Collaboration: Double Degree Program Curriculum Challenges, Report on BU and Finance University Program SALEEM KHAN BLOOMSBURG UNIVERSITY
Academic Collaboration: Double Degree Program Curriculum Challenges, Report on BU and Finance University Program SALEEM KHAN BLOOMSBURG UNIVERSITY Academic Initiatives Three academic initiatives undertaken
More informationBusiness Education 6 12
Business Education 6 12 Section 51 1 Knowledge of information and technological systems 1. Identify touch keyboarding techniques. 2. Identify standard formats for business documents. 3. Identify the purposes,
More informationTOWARDS STANDARDS IN DIGITAL FORENSICS EDUCATION
TOWARDS STANDARDS IN DIGITAL FORENSICS EDUCATION AGENDA Purpose Concern Approach Professional Spaces Knowledge Areas Digital Forensics Domain Challenges Conclusions PURPOSE to begin the process of delineating
More informationSUN PRAIRIE AREA SCHOOL DISTRICT COURSE POWER STANDARDS. Curriculum Area: Science Course Length: Semester
SUN PRAIRIE AREA SCHOOL DISTRICT COURSE POWER STANDARDS Course Title: Environmental Science Curriculum Area: Science Course Length: Semester Credit Status: Required Date Submitted: 10/05 Expected Student
More informationREFLECTIONS OF YOUR EXPERIENCE AS A PSYCHOLOGY MAJOR
REFLECTIONS OF YOUR EXPERIENCE AS A PSYCHOLOGY MAJOR The reflections/questionnaire/survey is intended to be sent to each student applying for graduation as a psychology major and for whom we must certify
More informationCounselor Performance Evaluation System Counselor Self Appraisal
Counselor Performance Evaluation System Counselor Self Appraisal Pages 1-8 are for each counselor to access by September 1. Pages 2-3 are instructional pages. Page 4 is to be signed by the appraiser and
More informationCommission on Sport Management Accreditation
Commission on Sport Management Accreditation An Introduction Commission on Sport Management Accreditation is a specialized accrediting body that promotes and recognizes excellence in sport management
More informationUndergraduate Degree Map for Completion in Four Years
Page 1 of 6 Undergraduate Degree Map for Completion in Four Years College: College of Science, Engineering & Technology Department: Elec. & Computer Engineering Name of Program: COMPUTER ENGINEERING TECHNOLOGY
More informationAssessment of Student Learning Plan: School of Nursing
Assessment of Student Learning Plan: School of Nursing Review of 2012-13 Academic Year University of Southern Maine A. College, Department or Program, Date College Department or Program Date CSTH Nursing
More informationDepartment of Engineering Technology Assessment Progress Report Calendar Year 2011 (prepared March 2012)
Department of Engineering Technology Assessment Progress Report Calendar Year 2011 (prepared March 2012) The Department of Engineering Technology offers both baccalaureate and associate degrees in Electronics
More informationBachelor of Applied Information Science (Information Systems Security)
Sheridan College Institute of Technology and Advanced Learning Bachelor of Applied Information Science (Information Systems Security) Victor Ralevich, Ph.D. Professor and Program Coordinator Sheridan College
More informationUniversity of Northern Iowa College of Business Administration Master of Business Administration Learning Assurance Program Last updated April 2009
University of Northern Iowa College of Business Administration Master of Business Administration Learning Assurance Program Last updated April 2009 1. Philosophy and Program Goals The MBA program s Learning
More informationAssessment in Singapore:
Assessment in Singapore: Assessing creativity, critical thinking and other skills for innovation Presentation at OECD-CCE-MOE Educating for Innovation Workshop 16 January 2013, Session 7 Ms Eugenia Tan
More informationLibrary Media Specialist Rubric
Standards and Objectives Motivating Students Presenting Instructional Content Library Media Specialist: Instruction Lesson Structure and Pacing Library Media Specialist Rubric Significantly Above Expectations
More informationProject Management in the Information Technology Industry
Project Management in the Information Technology Industry MASTER OF SCIENCE IN MANAGEMENT OF PROJECTS AND PROGRAMS Rabb School of Continuing Studies Division of Graduate Professional Studies Brandeis University
More informationACADEMIC POLICY AND PLANNING COMMITTEE REQUEST FOR AHC GENERAL EDUCATION CONSIDERATION
ACADEMIC POLICY AND PLANNING COMMITTEE REQUEST FOR AHC GENERAL EDUCATION CONSIDERATION Allan Hancock College General Education Philosophy General education is a pattern of courses designed to develop in
More informationCollege of Nursing and Professional Disciplines Instructional Design Strategic Plan 2014-2019
College of Nursing and Professional Disciplines Instructional Design Strategic Plan 2014-2019 Enrich Teaching & Learning Innovation Exceptional Instructional Design Quality Client Service Expand Presence
More informationAn Informal Survey of Calculus and Physics requirements in Engineering Technology. Harvey Lyons and M. L. Brake. School of Engineering Technology
An Informal Survey of Calculus and Physics requirements in Engineering Technology Harvey Lyons and M. L. Brake School of Engineering Technology Eastern Michigan University Ypsilanti, MI 48197 hlyons@emich.edu
More informationSamuel S. Corl, III, is Associate Pro fessor of Education, Michigan State University, East Lansing. ff you are interested in more informa tion about
Samuel S. Corl, III, is Associate Pro fessor of Education, Michigan State University, East Lansing. ff you are interested in more informa tion about Denmark's Folk High Schools order Professional Paper
More information7 Bachelor s degree programme in the Philosophy of a Specific Scientific Discipline
7 Bachelor s degree programme in the Philosophy of a Specific Scientific Discipline 7.1 General introduction to degree programmes in the Philosophy of a Specific Scientific Discipline This chapter contains
More informationGaPSC Teacher Leadership Program Standards
GaPSC Teacher Leadership Program Standards Purpose: Georgia has identified a need to improve P-12 students academic performance as measured by various assessments. One method to ensure improved student
More informationHow To Become A Forensic Accountant
Institute of Certified Forensic Accountants Certificate in Internal Auditing 1 www.forensicglobal.org Welcome The Institute of Certified Forensic Accountants is a professional body for those committed
More informationInternational Economics and Commercial Diplomacy bachelor program (University of Latvia)
International Economics and Commercial Diplomacy bachelor program (University of Latvia) Formulation of learning outcomes agnese.rusakova@lu.lv Top-down approach National qualification descriptors from
More informationCriteria for Accrediting Engineering Programs Effective for Evaluations during the 2011-2012 Accreditation Cycle
Criteria for Accrediting Engineering Programs Effective for Evaluations during the 2011-2012 Accreditation Cycle Definitions While ABET recognizes and supports the prerogative of institutions to adopt
More informationUniversity of Rhode Island Evening MBA Program - Course Descriptions
University of Rhode Island Evening MBA Program - Course Descriptions The following are the required courses in the Providence (Evening) MBA Program, followed by a listing of elective courses. Descriptions
More informationTerms of Reference for an IT Audit of
National Maritime Safety Authority (NMSA) TASK DESCRIPTION PROJECT/TASK TITLE: EXECUTING AGENT: IMPLEMENTING AGENT: PROJECT SPONSOR: PROJECT LOCATION: To engage a professional and qualified IT Auditor
More informationJanuary 5, 2012. Ilene Harris, Chair Senate Committee on Educational Policy. Kim Neumann, Director of Academic Program Development
Office of Programs and Academic Assessment (MC 10) 260 University Hall 601 South Morgan Street Chicago, Illinois 60607-7128 January 5, 2012 TO: FROM: Ilene Harris, Chair Senate Committee on Educational
More informationThe Mental Health Care Patient Management System (Mentcare)
The Mental Health Care Patient Management System (Mentcare) The Mentcare system ² This system (not its real name but a real system) is a generic medical information system that is configured for use in
More informationDublin Institute of Technology Faculty of Applied Arts School of Art, Design and Printing
Dublin Institute of Technology Faculty of Applied Arts School of Art, Design and Printing Preamble Programme Documents Programme Review Modular Structure Transparency and comparability Making explicit
More informationScoping Questionnaire for Penetration Testing
Scoping Questionnaire for Penetration Testing BII Compliance and its contractors adhere to the OSSTMM penetration testing methodology and code of ethics. The analysts performing these tests will each be
More informationCalifornia State University, Stanislaus Social Work (MSW) Curriculum Map. 1. Item 1 from Exit Survey. 2. Item 1 from Alumni Survey
California State University, Stanislaus Social Work (MSW) Curriculum Map MSW Foundation Program 1. Apply critical thinking skills to professional social work Understand and are guided by the values and
More informationIllinois Board of Examiners - Integration Template. DeVry University 12.17.15. ACBSP Accredited in Business (2013) and Accounting (2013)
DeVry University 12.17.15 ACBSP Accredited in (2013) and (2013) Bachelor of Science in Administration with Concentration in Integration of Ethics, Communication, and & Analysis Required Courses Total Balance
More informationCenter for Information. Security and Assurance (CISA) Charter. Mathematical, Computing, and Information Sciences (MCIS) Department
Center for Information Security and Assurance (CISA) Charter Mathematical, Computing, and Information Sciences (MCIS) Department This charter establishes the Center for Information Assurance within the
More informationBachelor Programs. Bachelor Program
10 Bachelor Programs Bachelor Program Faculties and Departments Al-Taqwa Institute of Higher Education offers full -time various bachelors and diploma programs under the faculties of Economics, Business
More informationHow To Integrate Software And Systems
September 25, 2014 EFFECTIVE METHODS FOR SOFTWARE AND SYSTEMS INTEGRATION P R E S E N T E D B Y: D R. B O Y D L. S U M M E R S 1 Software Engineer (Quality) Defense and Space The Boeing Company - Seattle,
More informationAdministrative Procedure Manual
General Accountability: This position is accountable for providing overall leadership and strategic direction in the development, implementation and evaluation of programs and services within the Park
More informationAnnual Assessment Report - The College of Information Systems Program
Annual Assessment Report to the College 2008-2009 DRAFT College: COBAE Department: Information Systems Program: B.S. in Information Systems Liaison: Leah Marcal 1. Overview of Annual Assessment Project(s)
More informationNational Childcare Accreditation Council. Online Family Survey Report
National Childcare Accreditation Council Online Family Survey Report October 2009 March 2010 Executive Summary On 21 October 2009, NCAC announced that services would be provided with the actual date of
More information