Abstract--The model presented in this paper is an extension of work reported in 1991 by John McCumber. His model provided an abstract research and pedagogic framework for the profession. In the decade since McCumber prepared his model, Information Systems Security (INFOSEC) has evolved into Information Assurance (IA). Although the framework remains sound, the growth of the profession has suggested that changes are needed. This extension of the model accommodates the expanded needs of the IA discipline and .
See Full PDF See Full PDF
Download Free PDF View PDF
Syracuse University is one of thirty-six National Security Agency designated Centers of Academic Excellence in Information Assurance Education. Our IA program was devel- oped within the Center for Systems Assurance (CSA), whose mission is to promote improvement in systems and information assurance through research, education, and technology trans- fer. The goal of the CSA educational program is to develop stu- dents with a broad background in security and information as- surance who distinguish themselves by their ability to (1) ana- lyze, synthesize, and make judgments based on engineering and computer-science principles, and (2) use analytical techniques to evaluate the implications of policies, standards, and proce- dures; the ramifications of changes; and the potential dangers of refinements. A key—and, we believe, unique—component of our program is our emphasis on using formal mathematics and logic to pro- vide a rigorous basis for the assurance of information and in- formation.
Download Free PDF View PDF
Download Free PDF View PDF
Journal of Information Technology …
Download Free PDF View PDF
Journal on Educational Resources in Computing
A novel idea for information security education created by the New York State Center for Information Forensics and Assurance (CIFA) is presented. This new approach incorporates a teaching hospital model originally developed for medical training. In this model, information security problems from industry and government are solved and abstracted into living-cases used for training and education of university students and public-sector employees. Such a model helps ensure that the curriculum stays current even as the field of information assurance continues to evolve. Solving industry problems hones research skills, while exposing students to living cases helps build context for concepts in information assurance. The success of this approach is contingent upon strong partnerships with government and private organizations that have real security issues as well as an active research program in information security that involves faculty and students. This article presents an implementatio.
Download Free PDF View PDF
Information Security Technical Report
