A novel approach for computer security education using Minix instructional operating system

Wenliang Du, Mingdong Shang, Haizhi Xu
2006, Computers & Security
To address national needs for computer security education, many universities have incorporated computer and security courses into their undergraduate and graduate curricula. In these courses, students learn how to design, implement, analyze, test, and operate a system or a network to achieve security. Pedagogical research has shown that effective laboratory exercises are critically important to the success of these types of courses. However, such effective laboratories do not exist in computer security education. Inspired by the successful practice in operating system and network courses, we adopted a similar practice, i.e., building our laboratories on an instructional operating system. We use the Minix operating system as the lab basis, and in each lab we require students to add a different security mechanism to the system. Benefiting from the instructional operating system, we design our lab exercises so that students can focus on one or a few specific security concepts while doing each exercise. A similar approach has proved effective in teaching operating system and network courses, but it has not yet been used in teaching computer security courses.

To address the national need for computer security education, many universities have incorporated computer and information security courses into their undergraduate and graduate curricula. In many curricula, computer security and network security are two core courses. These courses teach students how to design, implement, analyze, test, and operate a system or a network with the goal of making it secure. Pedagogical research has shown that students' learning is enhanced if they can engage in a significant amount of hands-on exercises. Therefore, effective laboratory exercises (or course projects) are critically important to the success of computer security education. Traditional courses, such as operating systems, compilers, and networking, have effective laboratory exercises, the result of twenty years of maturation. In contrast, laboratory designs in security education courses are still embryonic.
A variety of approaches are currently used; the three most frequently used designs are the following: (1) the free-style approach, i.e., instructors allow students to pick any security-related topic they are interested in for the course projects; (2) the dedicated-computing-environment approach, i.e., students conduct security implementation, analysis and testing [2, 3] in a contained environment; (3) the build-it-from-scratch approach, i.e., students build a secure system from scratch [4]. Free-style design projects are effective for creative students; however, most students become frustrated with this strategy because of the difficulty of finding an interesting topic. With the dedicated-environment approach, projects can be very interesting, but they come with the logistical burdens of the laboratory: obtaining, setting up, and managing the computing environment. In addition, course size is constrained by the size of the dedicated environment. The third design approach requires students to spend a considerable amount of time on activities that are irrelevant to computer security education but are essential for a meaningful and functional system. The lack of an effective and efficient laboratory for security courses motivated us to consider practices adopted by the traditional mature courses, e.g., operating systems (OS) and compilers. In OS courses, a widely adopted and successful practice is to use an instructional OS (e.g. MINIX [5], NACHOS [6], and XINU [7]) as a framework and ask students to write significant portions of each major piece of a modern OS. Compiler and networking courses have adopted a similar approach. Inspired by the success of the instructional OS strategy, we adapt it to our computer security courses. Specifically, we provide students with a system as the framework, and then ask them to implement significant portions of each fundamental security-relevant functionality of that system.
Although there are a number of instructional systems for OS courses, to our knowledge, this approach has not yet been applied to computer and information security courses. Our goal is to develop a courseware system that serves as an experimental platform and framework for computer security courses. The courseware is not designed to create new security mechanisms, but to let students practice existing security work. The courseware contains a set of well-defined and documented projects that help students focus on (1) grasping security concepts, principles and technologies; (2) practicing the design and implementation of security mechanisms and policies; and (3) analyzing and testing a system for its security properties. We chose Minix as our base system, and have designed a number of laboratory assignments on it. These assignments cover topics ranging from the design and implementation of security mechanisms to the analysis and testing of a system for security purposes. Each assignment can be considered as adding or modifying security mechanisms in Minix. To finish each task, students need only focus on those security mechanisms, with minimal effort on other parts of the system. For example, while learning discretionary access control (DAC), we give students a file system without DAC mechanisms; students only need to design and implement DAC for this existing file system. Students can immediately see how their DAC implementation affects the system. This strategy helps students stay focused on security concepts.
doi:10.1016/j.cose.2005.09.011