The Center for Education and Research in Information Assurance and Security (CERIAS)

Reports and Papers Archive



ECE Research Summary

Electrical & Computer Engineering Department
Added 2004-11-02

Providing Process Origin Information to Aid in Computer Forensic Investigations

CERIAS TR 2004-48
Florian Buchholz and Clay Shields
Download: PDF
Added 2004-10-21

A Roadmap For Comprehensive Online Privacy Policy

CERIAS TR 2004-47
Annie I Anton, Elisa Bertino, Ninghui Li, Ting Yu
Download: PDF
Added 2004-10-18

Assessing Student Performance Outcomes in an Information Security Risk Assessment, Service Learning Course

CERIAS TR 2004-42
Melissa J. Dark
Download: PDF

The focus of this paper is on assessment of student performance in an information security risk assessment, service learning course. The paper provides a brief overview of the information security risk assessment course as background information and a review of relevant educational assessment theory with a focus on outcomes assessment. An example of how assessment theory was applied to this service learning course to assess student performance outcomes is described with the aim of sharing performance assessment methods with other educators. This material is based upon work supported by the National Science Foundation under Grant No. 0313871. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.

Added 2004-10-06

Civic Responsibility and Information Security: An Information Security Management, Service Learning Course

CERIAS TR 2004-43
Melissa J. Dark
Download: PDF

This paper describes a needed and innovative service learning Information Security Management class that was designed,  developed, and offered at Purdue University in spring 2004.  This paper overviews 1) the need for service learning, 2) the more specific need for service learning in information technology and educational technology programs, 3) the need for information security in K12 school corporations as these bodies of work pertain to this experimental course.  For faculty interested in developing a similar course, the paper then 4) highlights the course description and objectives as a reference point, and 5)  describes how this course evolved from past work with an emphasis on the type of capacity that was needed to make such a course possible.

Added 2004-10-06

School Safety and the Internet - Is Your Network Secure?

CERIAS TR 2004-44
Dark, M., Iunghuhn M., & Rausch, L.
Download: PDF
Added 2004-10-06

X-RBAC: An Access Control Language for Multi-domain Environments

CERIAS TR 2004-46
James Joshi, Rafae Bhatti, Elisa Bertino, Arif Ghafoor
Download: PDF

A multi-domain application environment consists of distributed multiple organizations, each employing its own security policy, allowing highly intensive inter-domain accesses. Ensuring security in such an environment poses several challenges. XML technologies are being perceived as the most promising approach for developing pragmatic security solutions for such environments because of the integration and interoperation framework they provide. In this paper, we highlight these challenges and propose an XML-based access control specification language called X-RBAC that addresses policy specification needs of a multi-domain environment. Our specification language is based on an extension of the widely accepted NIST RBAC model. X-RBAC allows specification of RBAC policies and facilitates specification of timing constraints on roles as well as context and content-based access requirements. Furthermore, it provides a framework for specifying mediation policies in a multi-domain environment where RBAC policies have been employed.

Added 2004-10-06

Portable and Flexible Document Access Control Mechanisms

CERIAS TR 2004-41
Mikhail Atallah and Marina Bykova
Download: PDF

We present and analyze portable access control mechanisms for large data repositories, in that the customized access policies are stored on a portable device (e.g., a smart card). While there are significant privacy-preservation advantages to the use of smart cards anonymously created and bought in public places (stores, libraries, etc.), a major difficulty is that, for huge data repositories and limited-capacity portable storage devices, it is not possible to represent any possible access configuration on the card. For a customer whose card is supposed to contain a subset S of documents, access to all of S must be allowed. In some situations a small enough number of “false positives” (which are accesses to non-S documents) is acceptable to the server, and the challenge then is to minimize the number of false positives implicit to any given card. We describe and analyze schemes for both unstructured and structured collections of documents. For these schemes, we give fast algorithms for efficiently using the limited space available on the card. In our model the customer does not know which documents correspond to false positives, the probability of a randomly chosen document being a false positive is small, and information about false positives bound to one card is useless for any other card even if both of them permit access to the same set of documents S.

Added 2004-09-22

On Vulnerability and Protection of Ad Hoc On-demand Distance Vector Protocol

CERIAS TR 2004-45
Weichao Wang, Yi Lu, Bharat K. Bhargava
Download: PDF
Added 2004-09-20

Privacy Preserving Data Mining over Vertically Partitioned Data

CERIAS TR 2004-40
Jaideep Vaidya
Download: PDF

The goal of data mining is to extract or “mine” knowledge from large amounts of data. However, data is often collected by several different sites. Privacy, legal and commercial concerns restrict centralized access to this data. Theoretical results from the area of secure multiparty computation in cryptography prove that assuming the existence of trapdoor permutations, one may provide secure protocols for \emph two-party computation as well as for \emph multiparty computation with honest majority.

However, the general methods are far too inefficient and impractical for computing complex functions on inputs consisting of large sets of data. What remains open is to come up with a set of techniques to achieve this efficiently within a quantifiable security framework. The distributed data model considered is the heterogeneous database scenario with different features of the same set of data being collected by different sites. This thesis argues that it is indeed possible to have \emph and \emph techniques for useful privacy-preserving mining of knowledge from large amounts of data. The dissertation presents several privacy preserving data mining algorithms operating over vertically partitioned data. The set of underlying techniques solving independent sub-problems are also presented. Together, these enable the secure “mining” of knowledge.

Added 2004-09-14

What Should a Good Security Model Be?

CERIAS TR 2004-38
Marina Bykova
Download: PDF

In this article we survey a number of security models—which range from the first models to newly proposed approaches—in an attempt to answer the question of what we want our security model to be. The emphasis of this work is not on past or current security models, but rather on new approaches that have been proposed in the literature but have not yet found their way to the end user. The models described in this work provide unusual ways of addressing security needs and may be difficult to employ due to drastic differences from the currently accepted norms. These models, however, may have useful properties that the current systems do not possess, and might provide more efficient ways of securing our systems.

Added 2004-09-08

Privacy and Technology: Definition and Policy

CERIAS TR 2004-33
William A. Frauenhofer
Download: PDF
Added 2004-08-30

DDoS Attack Simulation, Monitoring, and Analysis

Sarika Agarwal, Saumya Agarwal, Bryon Gloden

DDoS attacks are increasingly common and many defense mechanisms have been proposed. However, in order to evaluate their effectiveness it is important to consider what goes into making an attack. In this paper, we analyzed common DDoS attacks at the source code and network level. We then developed a hybrid toolkit that combines attack tools, background traffic and monitoring software. Finally, we studied how effective our toolkit is at launching attacks and then detecting them. The results and lessons learned from testing on Emulab are presented.

Added 2004-08-29

Secure Interoperation in a Multi-Domain Environment

CERIAS TR 2004-34
Basit Shafiq
Download: PDF

The rapid proliferation of the Internet and the cost-effective growth of its key enabling technologies such as database management systems, storage and end-systems, and networking are revolutionizing information technology and have created unprecedented opportunities for developing large-scale distributed applications and enterprise-wide systems. At the same time, there is a growing need for information sharing and resource exchange in a collaborative environment that spans multiple enterprises. Various businesses, government, and other organizations have realized that information and resource sharing is becoming increasingly critical to their success. However, increase in inter-domain information and resource exchange poses new threats to the security and privacy of data. Numerous studies have shown that unauthorized access, in particular by insiders, constitutes a major security problem for enterprise application environments. This problem can get magnified in a collaborative environment where distributed, heterogeneous, and autonomous organizations interoperate with each other. Collaboration in such a diverse environment requires integration of the access control policies of local domains to compose a global security policy for controlling information accesses across multiple domains. In this proposal, we address the issue of policy integration in a multi-domain system that allows information and resource sharing in a collaborative environment. The proposed policy integration mechanism is a two-phase process that first defines a mapping among the cross-domain entities and then resolves the underlying access control policy conflicts. For conflict resolution, we propose an integer programming (IP) based approach that maximizes inter-domain information and data exchange according to some specified optimality criterion.
As an extension to the policy integration framework, we plan to address the problem of access control policy verification and policy evolution in the context of secure interoperation. In addition, we will investigate the problem of semantic partitioning of a single access control policy into multiple independent, autonomous, and functional policies.

Added 2004-08-29