Программа дисциплины «Организация и технологии защиты информации»

Правительство Российской Федерации

Федеральное государственное автономное образовательное учреждение высшего профессионального образования

«Национальный исследовательский университет «Высшая школа экономики»

Факультет Бизнес Информатика

Отделение Программная Инженерия

Программа дисциплины

«Организация и технологии защиты информации»

для направления 231000.68 - «Программная инженерия»

подготовки магистра

для магистерской программы "Системная и программная инженерия"

Автор программы:

А, к. т.н., доцент, *****@***ru

Одобрена на заседании кафедры управления разработкой программного обеспечения «___»____________ 2012  г

Зав. кафедрой

Рекомендована секцией УМС факультета бизнес информатики

«___»____________ 2012  г

Председатель

Москва, 2012

Настоящая программа не может быть использована другими подразделениями университета и другими вузами без разрешения кафедры-разработчика программы.

Course Information

Specification Author:

Alexandra Savelieva, Associate Professor, PhD (Science and Technology Studies: Information Security)

Subject Title in English:

Organizational and Technical Security Aspects

1. Application Guidelines and Regulations

This specification presents a detailed description of the educational purpose, curriculum, and assessment methods for the discipline “Organizational and Technical Security Aspects”. This course is delivered to master students of software engineering department, business informatics faculty, HSE. The specification was developed in accordance with the following standards and regulatory documents:

·  Master curriculum of MSc educational programme 231000.68 “Software Engineering”, specialization “Software development management”. - Moscow, HSE, 2010.

·  Curriculum of 1st year MSc educational programme 231000.68 “Software Engineering”, specialization “Software development management”. - Moscow, HSE, 2010.

·  Federal state educational standard of higher education in software engineering (Master degree) approved by Order of the RF Ministry of Education and Science of 9 November 2009 N543 (in Russian).

The specification is intended to be used as a source of information by:

·  students and potential students;

·  lecturers delivering lectures and conducting practical classes on the course or related disciplines;

·  professional and statutory regulatory bodies when carrying out accreditation.

2. Course Objective

Information security and privacy have become core concepts in software engineering education. One of the inherent skills in information systems engineering and support is the ability to ensure appropriate level of information security.

The objective of the Organizational and Technical Security Aspects course is to develop professional competencies, related to applying best practices of information security and assurance to real world situations.

Today the demand is growing for information security experts capable of analyzing problems and making decisions in business situations that involve risk or uncertainty. These skills can be acquired through systematic studying of various information security incidents. The curriculum is built so that the students immediately learn to use theoretical knowledge in practice by studying various security incidents (e. g. Rocky Mountain Bank v. Google Inc. and Anonymous v. HBGary), identifying mistakes of people involved in the stories, and proposing problem solutions.

3. Learning Outcomes

During the course, the students will:

·  Study the basic terms, definitions and principles of information security and assurance;

·  Study state-of-the-art technologies and products for information protection;

·  Study the legislative base and regulatory documents in the area of information protection;

·  Master methods and tools for classification of main vulnerabilities and attacks on information assets within automated systems;

·  Master methods and tools for the development and implementation of information security policies;

·  Master models of information security systems evaluation from economical and technical perspectives, assuming roles of the end user, software engineer, senior architect, CFO, and company chairman;

·  Acquire practical skills in information analysis and identification of hidden connections between facts;

·  Acquire practical skills in information attack prevention and confrontation by means of organizational measures and technical solutions;

·  Acquire practical skills in real-world decision making and problems solving.

The course contributes to the development of the following professional competencies [3]:

1.  Research activities

·  The ability to manage both self-paced and team work on research projects (ПК-3).

2.  Project activities

·  The ability to approach projects in a systematic way, to build and apply descriptive and forecasting models, to conduct qualitative and quantitative analysis (ПК-6);

3.  Technical activities

·  The ability to apply state-of-the-art development technologies for the development of complex software systems, to take the advantage of automated job scheduling and control tools, and to make use of quality assurance techniques (ПК-9).

4.  Discipline in the Educational Program

Curriculum:

The course length is 144 academic hours, including 22 hours of lectures, 34 hours of practice, and 88 hours of self-study. Academic control forms are one home assignment and one test. It is a part of specialized curricula unit, and it is delivered in modules 1-2 of the second academic year. Number of credits is 4.

Prerequisites:

The course is based on the knowledge of foundations of general technical disciplines, mathematics, computer science and fundamentals of the decision theory.

5.  Subject Structure and Contents

6.  Grading and Assessment

6.1. Evaluation criteria

Written test

Students get a written test with 45 minutes to complete. The test contains Yes-No questions, single-choice and multiple-choice questions, as well as open-ended questions. Students are scored based on the number of questions they answered correctly, and the weight of each question in the overall result (varies from 1 for single-choice and Yes-No questions, to 10 for open-ended questions). Evaluation formula is 10*(score_achieved/maximum_score). A maximum score of 10 can be achieved.

Homework assignment

Homework is in the form of case study development and analysis. The students select by the student based on their interests. Once approval of the topic is obtained from course instructor, the student writes the case study based on the information from public sources, personal experience and imagination. Evaluation criteria for student’s homework assignment are presented in the table below. A maximum score of 10 can be achieved.

Written exam

Final exam is in the form of case study analysis. Cases are selected and assigned at random by the course instructor. Evaluation criteria for student’s homework assignment are presented in the table above. A maximum score of 10 can be achieved.

Penalties

Should plagiarism be identified in the student’s homework, disciplinary measures are applied as appropriate per the HSE Charter.

Should the student fail to present homework before the end of the 1st module, but submit it at any point during the 2nd module until the week of interim exams starts, a reduction of the scores for the assignment by 30% is applied. In this case, a maximum score of 7 for the homework assignment can be achieved.

6.2. Overall Score

Overall score on the course Ofinal is determined using the following formula:

Ofinal = (Ohome<4||Oexam<4)? min (Ohome, Oexam): 0,25*Otest+0,5*Ohome+0,25Oexam

where

-  Otest - score achieved by the student for the written test;

-  Ohome- score achieved by the student for the homework assignment;

-  Oexam - score achieved by the student for the written exam.

Should the student fail to either pass the written exam or submit the case before the end of the course, overall score for the next attempts is determined using the following formula:

Ofinal = (Ohome<4||Oexam<4)? min (Ohome, Oexam): 0,8*(0,25*Otest+0,5*Ohome+0,25Oexam)

A score of 4 or higher means successful completion of the course (‘pass’). A score of 3 or lower means failure to complete the course (‘fail’).

7.  Detailed Curriculum Plan

Topic 1: Introduction to the course. Foundations of information security

Topic outline:

·  Why study information security?

·  Course agenda

·  Terms, definitions and principles of information security and assurance

·  CIA Triad vs. Parkerian Hexad

·  Framework for case study analysis

·  Case study: Bank employee’s epic failure

Main references/books/reading:

·  Parker, D. B.: Fighting Computer Crime. New York, NY: John Wiley & Sons (1998)

·  Parker, D. B.: Toward a New Framework for Information Security. In Bosworth, Seymour; Kabay, M. E., Whyne, Eric, The Computer Security Handbook (5th ed.). New York, NY: John Wiley & Sons (2009)

·  Avdoshin S., Savelieva A.: A Framework for Analysis of Case Studies in Information Security. In: Proceedings of CEE-SECR’2012 (to appear)

Additional references/books/reading:

·  Schneier, B.: Beyond Fear. Thinking Sensibly about Security in an Uncertain World. Copernicus Books (2003)

Topic 2: Trust in the digital society. State-of-the-art technologies as a major information security threat. The problem of ‘digital shadow’

Topic outline:

·  Technology in societal context: RFID, GPS, smartphones, social networks, cloud services, and search engines

·  Nothing lost on the Web: the problem of digital shadow

·  Towards a trustworthy information society

·  Privacy, anonymity and accountability

·  Case study: Living in the future Information Society

Main references/books/reading:

·  Holtzman, D. H. Privacy Lost: How Technology Is Endangering Your Privacy. Jossey-Bass; 1 edition (October 13, 2006)

·  Trust in the Information Society // A Report of the Advisory Board RISEPTIS, 2008. URL: http://www. think-trust. eu/general/news-events/riseptis-report. html

·  Cameron, K. Posch, R. and Rannenberg, K. Proposal for a Common Identity Framework: A user-centric Identity Metasystem www.

·  Shadbolt, N and Berners-Lee, T. Web Science emerges, Scientific American, Oct 2008, Pp. 32-37

·  Berners-Lee, T. Hall, W. Hendler, J. O’Hara, K. Shadbolt, N. and Weitzner, D. A Framework for Web Science, Foundations and Trends in Web Science, 1(1), 2006, Pp. 1‑130

Additional references/books/reading:

·  ISS Report 05, Feb 2009: The European Security Strategy – Building on Common Interests

·  Hardin, R. Trust & Trustworthiness, Russell Sage Foundation, New York 2002

·  O’Hara, K. Trust: From Socrates to Spin, Icon Books, Cambridge 2004

·  Lacohee, H. Crane, S. and Phippen, A. Trustguide: Final report – www. trustguide. org. uk

·  Rannenberg, K. Royer, D. and Deuker, A The Future of Identity in the Information Society, Springer 2009

·  OECD “At a Crossroads: Personhood and Digital Identity in the Information Society”, http://www. oecd. org/dataoecd/31/6/.doc

·  Cavoukian, A. and Hamilton, T. Privacy Payoff, McGraw-Hill 2002 and Cavoukian, A. Privacy by Design, IPC Ontario 2009 www. ipc. on. ca

·  Habermas, J. The structural transformations of the public sphere, Cambridge, 1962 (trans 1989)

·  O’Hara, K and Shadbolt, N. The spy in the coffee machine – The end of privacy as we know it, Oneworld Oxford, 2008.

·  Weitzner, D. Abelson, H. Berners Lee, T. Feigenbaum, J. Hendler and Sussman, J. Information Accountability, 2008

·  Hildebrandt, M and Koops, B-J (eds) A vision of Ambient Law, (2007) available at www.

·  Rannenberg, K. Royer, D. and Deuker, A The Future of Identity in the Information Society, Springer 2009

Topic 3: PII protection in practice: regulations in Russia and worldwide

Topic outline:

·  Terminology and definitions

·  Individuals: Paradox of Generation Y

·  Software certification

·  Outsourcing issues

·  Manual data processing

·  Banking Industry: Contradictions and Workarounds

·  IT Industry: Challenges and Opportunities

·  Business: Obligations and Threats

·  Federal Law of the Russian Federation on Personal Data and international security agreements

·  Data fusion

·  Case study: The Harrowing Hack That Erased a Writers Identity

Main references/books/reading:

·  Holtzman, D. H. Privacy Lost: How Technology Is Endangering Your Privacy. Jossey-Bass; 1 edition (October 13, 2006)

·  Savelieva, A., Avdoshin, S.: Personal Data Protection in Russia: Trends of the Last Decade. In: Proceedings of “2010 Workshop on Cyber Security and Global Affairs & Security Confabulation IV”, Zurich, 2010.

Additional references/books/reading:

·  ISS Report 05, Feb 2009: The European Security Strategy – Building on Common Interests

·  Proposal for a Regulatory framework for Electronic communication networks and services

Topic 4: Classification of security threats. SDL methodology. Information security risk management standards and tools

Topic outline:

·  Threat and risk: definitions, attributes, formalizations

·  Security thread modeling

·  Advanced persistent threat (APT)

·  Microsoft best practices: SDL methodology

·  Code review using static analysis tools

·  Architectural risk analysis

·  Penetration testing

·  Security testing

·  STRIDE classification

·  ISO/IEC 27001:2005

·  Information security risk management standards and tools: CRAMM, RiskWatch, GRIF

·  Case study: A Software Bug Causing Panic at Tokyo Stock Exchange

Main references/books/reading:

·  Howard, M., Lipner, S.: The Security Development Lifecycle: SDL: A Process for Developing Demonstrably More Secure Software. Microsoft Press, pp.

·  McGraw, G.: Software Security: Building Security In. Addison-Wesley, February 2006.

·  Tamai, T.: Social Impact of Information System Failures // Computer, IEEE, vol. 42, no. 6, pp. 58-65, 2009

Additional references/books/reading:

·  Schneier, B.: Modeling security threats // Dr. Dobb’s Journal, December, 1999.

·  CRAMM V Official website // Siemens Enterprise Communications Limited 2006. Available at: www.

·  Digital Security: GRIF //Available: http://www. dsec. ru/products/grif/

·  RiskWatch Official website // RiskWatch, Inc. Available at: http://www. /

·  Savelieva, A.: Modeling Security Threats to Cryptographically Protected Data. In Proceedings of the Third Spring Young Researchers’ Colloquium on Software Engineering (SYRCoSE 2009). May 28-29, 2009. – Moscow, Russia, Pp. 56 – 60.

·  ISO/IEC TR 18044:2004, Information technology. Security techniques. Information security incident management

·  Information technology. Security techniques. Information security management systems Requirements, ISO/IEC 27001:2

·  C. Gliedman,“Managing IT Risk with Portfolio Management Thinking,” CIO (Analyst Corner), http://www. /analyst/012502_giga. html.

Topic 5: Attack lifecycle. Types of information attacks. Detection and prevention of attacks.

Topic outline:

·  What is an information security attack

·  Classification of attacks

·  0day attack

·  4 stages of information attack lifecycle: Reconnaissance, penetration, information damage, and proliferation

·  Examples of attacks: DDoS, bot nets, and spam

·  Intrusion detection and prevention systems

·  Case study: Anonymous hacktivist targeting a famous security company

Main references/books/reading:

·  Serdiouk, V. A.: Advances in Technologies for Protection against Attacks in Corporate Networks. Tekhnosphera, Moscow (2007) – In Russian

·  Avdoshin S., Savelieva A.: A Framework for Analysis of Case Studies in Information Security. In: Proceedings of CEE-SECR’2012 (to appear)

Additional references/books/reading:

·  Howard, M., Lipner, S.: The Security Development Lifecycle: SDL: A Process for Developing Demonstrably More Secure Software. Microsoft Press, pp.

·  Lindqvist U., Jonsson E. How to systematically classify computer security intrusions. // IEEE Symposium on Security and Privacy, p. 154–163, Los Alamitos, CA, 1997.

·  Weber D. J. A taxonomy of computer intrusions. Master’s thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, June 1998.

·  Paulauskas N., Garsva puter System Attack Classification // Electronics and Electrical Engineering 2006. nr. 2(66)

·  M. Howard, J. Pincus, and J. Wing, “Measuring Relative Attack Surfaces,” 2003, http://www. cs. cmu. edu/~wing/publications/Howard-Wing03.pdf.

·  Manadhata and Wing, “Measuring a System’s Attack Surface,” 2004, http://reports-archive. adm. cs. cmu. edu/anon/2004/CMU-CS-04-102.pdf .

Topic 6: Securing the perimeter of an organization. Firewalls, antiviruses, DLP systems. . Information security audit

Topic outline:

·  Technical measures for information security protection of an organization: Firewalls, antiviruses, DLP systems

·  Remote desktop protection

·  Guidelines for information security audit

·  Standard ISO 27

·  Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE)

·  COBIT framework

·  Measuring information security

·  Case study: Security tokens crack affecting major corporations

Main references/books/reading:

·  Serdiouk, V. A.: Advances in Technologies for Protection against Attacks in Corporate Networks. Tekhnosphera, Moscow (2007) – In Russian

·  McGraw, G.: Software Security: Building Security In. Addison-Wesley, February 2006.

·  ISO/IEC: ISO/IEC 17799, “Code of Practice for Information Security Management,” 2000.

·  C. Villarrubia, E. Fernandez-Medina, and M. Piattini, “Analysis of ISO/IEC 17799:2000 to be used in Security Metrics,” Security and Management, pp.109–117, 2004.

·  Heimerl, J. L., Voight, H.: Measurement: The Foundation of Security Program Design and Management // Computer Security Journal, 2005.

Topic 7: Cryptographic methods and tools. Digital signatures. PKI infrastructure. Modern cryptanalysis techniques

Topic outline:

·  The history of cryptography

·  Shannon’s fundamental principles and Kerckhoffs's Desiderata

·  Symmetric primitives and their application

·  Private-key cryptosystems: GOST, DES, DESX, 3DES, AES

·  Block cipher-based hash functions and stream ciphers

·  Hard problems of number theory: factorization and discrete logarithm computation

·  Public-key cryptosystems: RSA, Diffie-Hellman key exchange

·  Practical applications: cryptographic protocols, digital signatures

·  PKI infrastructure

·  Cryptanalysis: linear, differential

·  The Future: Quantum cryptography and cryptanalysis

·  Software libraries and tools for doing crypto: Cryptool, NTL, etc.

·  Case study: Recruiting giant under attack

Main references/books/reading:

·  Oppliger R. Contemporary Cryptography. Artech House Publishers, 2005, 510 p.

·  Brassard J. Modern Cryptology. Springer-Verlag, Berlin - Heidelberg, 19p.

·  Decrypted Secrets: Methods and Maxims of Cryptology: FL Bauer: Springer-Verlag Telos; 2nd Rev&Ex edition (February 2000), 470 p.

·  Avdoshin S. M., Savelieva A. A. Cryptanalysis: current state and future trends// Information technologies. Moscow, ‘Novye technologii’, in Appendix to № 3, 2007, 35 p. (in Russian).

·  Avdoshin S. M., Savelieva A. A. Tools for asymmetric ciphers analysis: Industrial registration certificate No. 10193 dated 18.03.2008 (in Russian).

·  Library for doing Number Theory. Available at: http://www. /ntl/ 06.02.2007

·  Lenstra Jr. H. W. Factoring integers with elliptic curves // Annals of Mathematics , 649-673.

·  Rabin M. O. Probabilistic algorithm for testing primality // Journal of Number Theory, no. 1, pp. 128–138.

·  Miller G. L. Riemann's Hypothesis and Tests for Primality // Journal of Computer and System Sciences, no. 3, pp. 300–317.

·  Gordon M. D. Discrete logarithms in GF(p) using number field sieve //SIAM Journal on Discrete Mathematics 6, no.1, 1993, pp/ 124-138.

·  Coppersmith D., Odlyzko A., Schroeppel R. Discrete logarithms in GF(p) // Algorithmica. 1986. V. 1. - P. 1—15.

·  Avdoshin S. M., Savelieva A. A. Algorithm for solving linear systems over residue rings // Information technologies. Moscow, Novye technologii’’, 2006. № 2.- p.50-54 (in Russian).

·  Schneier B. Applied Cryptography Second Edition: protocols, algorithms and source code in C. John Wiley & Sons Inc., 1996.

Additional references/books/reading:

·  Kerckhoffs A. La cryptographie militaire // Journal des sciences militaires, vol. IX. P. 5-38, Jan. 1883, (P. 161-191, Feb. 1883).

·  Waerden B. L. Algebra. Vol. 1, Springer-Verlag, Berlin, 1991.

·  Savelieva A. Formal methods and tools for evaluating cryptographic systems security // St. Petersburg, ISP RAS, In Proceedings of the Second Spring Young Researchers Colloquium on Software Engineering (SYRCoSE’2008), 2008, Vol 1. P. 33-36.

·  Khovratovich, D., Rechberger, C., Savelieva, A.: Bicliques for Preimages: Attacks on Skein-512 and the SHA-2 family. In: Canteaut, A. (ed.) FSE'12. LNCS, vol. 7549, pp. 244-263. Springer, Heidelberg (2012).

·  Hriţcu C., Goriac I., Gordân R. M., Erbiceanu E. MpNT: Designing a Multiprecision Number Theory Library. Faculty of Computer Science, “Alexandru Ioan Cuza” University, Iasi, 2003.

·  CLN. Available at: http://www. ginac. de/CLN/

·  Boreale M., De Incola R., Pugliese R. Proof techniques for cryptographic processes. SIAM put., 31(3), 2002. Pp. 947-986.

·  Zhou Y., Feng D. Side-Channel Attacks: Ten Years After Its Publication and the Impacts on Cryptographic Module Security Testing // Physical Security Testing Workshop (Hawaii, September 26-29, 2005. Available at: http://eprint. iacr. org/2005/388.pdf

·  Rivest R. L., Shamir A., Adleman L. M. A Method for Obtaining Digital Signatures and Public Key Cryptosystems// Communications of the ACM, v. 21, n. 2, February 1978. P. 120-126.

Topic 8: Steganography. Digital watermarking. Applications for copyright protection, authenticity assurance and fraud prevention

Topic outline:

·  Digital Watermarking for Protection of Intellectual Property

·  Perceptual Data Hiding in Still Images

·  Audio Watermarking: Properties, Techniques and Evaluation

·  Design Principles for Active Audio and Video Fingerprinting

·  Issues on Image Authentication

·  Digital Signature-Based Image Authentication Data Hiding in Document Images

·  Case study: Steganography in crime investigation

Main references/books/reading:

·  Chun-Shien Lu: Multimedia Security: Steganography and Digital Watermarking Techniques for Protection of Intellectual Property. IGI Publishing, 2004.

·  Eggers, J., Su, J., & Girod, B.: Robustness of a blind image watermarking scheme. International Conference on Image Processing Proceedings, ICIP 2000, vol

·  Ejim, M., & Miyazaki, A.: A wavelet-based watermarking for digital images and video. International Conference on Image Processing, ICIP 00, vol.

·  Goutte, R., & Baskurt, A.: On a new approach of insertion of confidential digital signature into images. Proceedings of Fourth International Conference on Signal Processing, ICSP 98, vol. 2, pp. 1170-1

·  Cox, I., Miller, M., & Bloom, J. Digital watermarking, San Diego, CA: Academic Press. (2002).

Additional references/books/reading:

·  Barni, M., Bartolini, F., Cappellini, V., & Piva, A. Robust watermarking of still images for copyright protection. 13th International Conference on Digital Signal Processing Proceedings, DSP 97, vol.

·  Baudry, S., Nguyen, P., & Maitre, H. Channel coding in video watermarking: Use of soft decoding to improve the watermark retrieval. International Conference on Image Processing Proceedings, ICIP 2000, vol

·  Bors, A., & Pitas, I.. Image watermarking using DCT domain constraints. International Conference on Image Processing Proceedings, ICIP 96, pp. 231-

·  Bruyndonckx, O., Quisquater, J.-J., & Macq, B. Spatial method for copyright labeling of digital images. Proceeding of IEEE Nonlinear Signal Processing Workshop, pp. 456-4

·  Busch, C., & Wolthusen, S. Digital watermarking from concepts to real-time video applications. IEEE Computer Graphics and Applications, 25-

·  Chae, J., Mukherjee, D., & Manjunath, B. A robust embedded data from wavelet coefficients. Proceeding of SPIE, Electronic Imaging, Storage and Retrieval for Image and Video Database, 3312, pp. 308-3

Topic 9: Human factor in security. Social engineering. Organizational measures for information protection. Corporate security policy

Topic outline:

·  Human role in information protection

·  Types and motivation of adversaries

·  Methods and tools of social engineering

·  Insider threat

·  Organizational measures for information protection

·  Guidelines and templates for corporate security policy development

·  Case study: Accidental posting of information intended for internal use

Main references/books/reading:

·  Savelieva, A.: Formal methods and tools for evaluating cryptographic systems security. In: Proceedings of the Second Spring Young Researchers’ Colloquium on Software Engineering (SYRCoSE’2008), St. Petersburg, ISP RAS, 2008, Vol 1. Pp. 33-36.

·  Schneier, B.: Beyond Fear. Thinking Sensibly about Security in an Uncertain World. Copernicus Books (2003)

Additional references/books/reading:

·  Serdiouk, V. A.: Advances in Technologies for Protection against Attacks in Corporate Networks. Tekhnosphera, Moscow (2007) – In Russian

Topic 10: Hackers subculture: evolution, motivation, purposes, and targets. Anonymous group

Topic outline:

·  Hacker’s types, ethics and motivation

·  Evolution overtime: how the development of the Internet affected the subculture

·  The importance of understanding your enemy

·  Computer crimes

·  Case study: Vandalism on the Internet: court website defaced in support of a punk band

Main references/books/reading:

·  Schneier, B.: Beyond Fear. Thinking Sensibly about Security in an Uncertain World. Copernicus Books (2003)

Additional references/books/reading:

·  Hartel, P. H., Junger, M.: Teaching Information Security students to ”Think thief”. Technical Report TR-CTIT-12-19, Centre for Telematics and Information Technology, University of Twente, Enschede. ISSN 1381-3

8.  Educational Methods and Technologies

Case studies are stories with educational message [4]. Case study method was introduced in the beginning of 20th century in Harvard Business School primarily for development of analytical and problem-solving skills among training lawyers and managers. The case study method used at practical classes:

·  makes the learning process interactive and entertaining;

·  contributes to the development of analytical skills;

·  encourages active use of theoretical knowledge;

·  allows for students to feel at real-world situation;

·  is adaptive to students level and background;

·  admits both teamwork and independent work;

·  imposes minimal requirements to laboratory equipment.

· 

Educational institutions in the US and Europe are actively working on adopting this innovation into the educational practice of teaching information security and assurance (see [5, 6]). Case study analysis was enlisted in [7] among the skills that students at both undergraduate and graduate levels should embrace as a security professional.

In this course we use a framework of methods, tools and taxonomies for analysis of case studies in information security field [8]. This framework allows students to study every situation in a formal rather than ad-hoc way, and apply a wide range of threat modeling, risk analysis and project management techniques in close to real life conditions.

8.1.  Recommendations for course instructors

A big problem that an educator faces when using case studies for teaching practical information security in higher school is the lack of ready-made materials available for free use, apart from ”product success story” case studies presented on web sites of a few companies for advertisement purposes. We have addressed this problem by showing how to build a fascinating and relevant story from scratch without much efforts from the teacher, but with high benefit to the audience:

·  Savelieva A. How to design case studies and use them in information security seminar classes (with samples) // Software Engineering Department, HSE, 2011. (under a grant from the Foundation for Educational Innovations)

The sources [4‑8] enlisted in the Reference section might also be helpful to the instructor.

8.2.  Educational guidelines for students

Students will benefit from reading the sources listed in Section 8.1.

9.  Assessment Methods

Written test

The written test is a computer testing assessment based on the topics covered in the course (see Section 5 for the list of topics).

Written Exam

Student is assigned a case study related to one of the course topics.

Typical tasks to complete are as follows:

1.  Identify information security events E

2.  Sort E in chronological order

3.  Depict the flow of events E by means of Event Chain Diagram

4.  For each event in E

a) Identify affected information assets I

b) For each information asset in I

  i.  Identify information security property violation threats T

  ii.  For each threat in T

A. Specify affected information security property

B. Evaluate the risk (probability and impact)

C. Propose methods and best practices for risk mitigation

Case study example:

“A customer of the Rocky Mountain Bank asked a bank employee to send certain loan statements to a representative of the customer. The employee, however, inadvertently sent the e-mail to the wrong Gmail address. Additionally, the employee had attached a sensitive file to the e-mail that should not have been sent at all.

The attachment contained confidential information on 1,325 individual and business customers that included their names, addresses, tax identification or Social Security numbers and loan information.

After realizing what he’d done, the employee “tried to recall the e-mail without success.”

When that didn’t work, the employee sent a second e-mail to the recipient instructing the person to delete the e-mail and attachment “in its entirety” without opening or reviewing it. The employee also asked the recipient to contact the employee to “discuss his or her actions.”

Silence ensued. That’s when the bank sued Google to identify the recalcitrant recipient.

Google said it wouldn’t comply without a court order, and even if it does receive a court order, its policy is to notify an account holder and give the person a chance to object to the disclosure of his or her identity. The court is considering the bank’s request.

In the meantime, Rocky Mountain Bank filed a motion to seal the entire case until the court decides whether to force Google to reveal the recipient’s name, saying it didn’t want its customers to learn about the breach, because it would create panic and result in a surge of inquiries from customers. It wants the information under seal until it can determine from Google whether the Gmail account in question is active or dormant, and whether the sensitive customer information is actually at risk of being abused.

A federal judge in San Jose, California denied the bank’s request to seal.”

(Source: Zetter, K.: Bank Sends Sensitive E-mail to Wrong Gmail Address, Sues Google. At: http://www. /threatlevel/2009/09/bank-sues-google/ )

10.  Learning Resources

10.1.  Course reader and main book(s)

·  V. A. Serdiouk, Advances in Technologies for Protection against Attacks in Corporate Networks. Tekhnosphera, Moscow (2007) – In Russian

·  Howard M., Lipner S. The Security Development Lifecycle. SDL: A Process for Developing Demonstrably More Secure Software. Microsoft Press, - 304 p. (2006)

·  Holtzman, D. H.: Privacy Lost: How Technology Is Endangering Your Privacy. Jossey-Bass; 1 edition (2006)

10.2.  Main literature

·  Schneier, B.: Applied Cryptography Second Edition: protocols, algorithms and source code in C. John Wiley & Sons Inc., (1996)

·  Jones, B. F., & Idol, L.. Conclusions. In B. F. Jones & L. Idol (Eds.), Dimensions of thinking and cognitive instruction (pp. 511-532). Hillsdale, NJ: Lawrence Erlbaum Associates, Inc. (1990)

·  McGraw, G.: Software Security: Building Security In. Addison-Wesley (2006).

10.3.  Additional literature

·  Bob Blakley, Ellen McDermott, Dan Geer. Information security is information risk management // NSPW '01 Proceedings of the 2001 workshop on New security paradigms, ACM (2001)

·  Shneier B. Snake Oil, Crypto-Gram // February, 1999. Available at: http://www. /Crypto-Gram. html 22.01.2008

·  Berners-Lee, T. Hall, W. Hendler, J. O’Hara, K. Shadbolt, N. and Weitzner, D. A Framework for Web Science, Foundations and Trends in Web Science, 1(1), Pp. 1‑

10.4.  Reference books, dictionaries, encyclopedias

·  ISO/IEC TR 18044:2004, Information technology. Security techniques. Information security incident management

·  ISO/IEC 27005:2008 Information technology - Security techniques - Information security risk management.

·  ISO/IEC: ISO/IEC 17799, “Code of Practice for Information Security Management,” 2000.

10.5. Internet and intranet references for remote support of the discipline

·  Savelieva A."00545 Information security learning based on case studies: from practice to theory ". LMS, HSE, 2012 (in Russian).

·  Avdoshin S. M., Savelieva A. A., Serdiouk V. A. Microsoft technologies and products for information protection // Microsoft Faculty Resource Center, 2010, https://www. /curriculum/pfv. aspx? ID=8476&Login=

·  Avdoshin S. M., Savelieva A. A., Serdiouk V. A. Microsoft technologies and products for information protection // INTUIT, 2010, http://www. intuit. ru/department/security/mssec/

10.6.  Required software:

·  Microsoft Office Professional

·  Microsoft Visual Studio

·  Internet browser with video plug-ins

·  Cryptool 2.0

11.  Special Equipment

Practical studies are conducted in a computerized laboratory equipped with an overhead projector and audio portables. Every student has a PC with high speed internet connection and access to the HSE electronic library.

References

1.  Master curriculum of MSc educational programme 231000.68 “Software Engineering”, specialization “Software development management”. - Moscow, HSE, 2010.

2.  Curriculum of 1st year MSc educational programme 231000.68 “Software Engineering”, specialization “Software development management”. - Moscow, HSE, 2010.

3.  Federal state educational standard of higher education in software engineering (Master degree) approved by Order of the RF Ministry of Education and Science of 9 November 2009 N543 (in Russian).

4.  Herreid, C. F. (ed): Start With a Story: The Case Study Method of Teaching Science. National Science Teachers Association, Arlington, VA. pp.

5.  Workshop on Teaching Information Assurance through Case Studies and Handson Experiences. http://teaching-ia. /

6.  Hartel, P. H., Junger, M.: Teaching Information Security students to ”Think thief”. Technical Report TR-CTIT-12-19, Centre for Telematics and Information Technology, University of Twente, Enschede. (2012)

7.  Logan, P., Christofero, T.: Giving Failure a Place in Information Security: Teaching Students to Use the Post-Mortem as a Way to Improve Security. In: Proceedings of the 13th Colloquium for Information Systems Security Education. University of Alaska, Fairbanks Seattle, WA June 1 - 3, 2

8.  Avdoshin S., Savelieva A.: A Framework for Analysis of Case Studies in Information Security. In: Proceedings of CEE-SECR’2012 (to appear)

The author of the program: ________Savelieva A.