To address national needs for computer security education, many universities have incorporated computer and security courses into their undergraduate and graduate curricula. In these courses, students learn how to design, implement, analyze, test, and operate a system or a network to achieve security. Pedagogical research has shown that effective laboratory exercises are critically important to the success of these types of courses. However, such effective laboratories do not exist in computer security education. Intrigued by the successful practice in operating system and network courses education, we adopted a similar practice, i.e., building our laboratories based on an instructional operating system. We use Minix operating system as the lab basis, and in each lab we require students to add a different security mechanism to the system. Benefited from the instructional operating system, we design our lab exercises in a way such that students can focus on one or a few specific security concepts while doing each exercise. The similar approach has proved to be effective in teaching operating system and network courses, but it has not yet been used in teaching computer security courses.
Read full abstract