TY - JOUR
T1 - Cybersecurity
T2 - Exploring core concepts through six scenarios
AU - Sherman, Alan T.
AU - DeLatte, David
AU - Neary, Michael
AU - Oliva, Linda
AU - Phatak, Dhananjay
AU - Scheponik, Travis
AU - Herman, Geoffrey L.
AU - Thompson, Julia
N1 - Funding Information:
This work was supported in part by the U.S. Department of Defense under CAE-R grants H98230-15-1-0294 and H98230-15-1-0273, and by the National Science Foundation under SFS grant 1241576.
Publisher Copyright:
© 2017 Taylor & Francis
PY - 2018
Y1 - 2018
N2 - The authors introduce and explain core concepts of cybersecurity through six engaging practical scenarios. Presented as case studies, the scenarios illustrate how experts may reason through security challenges managing trust and information in the adversarial cyber world. The concepts revolve around adversarial thinking, including understanding the adversary; defining security goals; identifying targets, vulnerabilities, threats, and risks; and devising defenses. They also include dealing with confidentiality, integrity, availability (known as the “CIA triad”), authentication, key management, physical security, and social engineering. The authors hope that these scenarios will inspire students to explore this vital area more deeply. The target audience is anyone who is interested in learningabout cybersecurity, including those with little to no background in cybersecurity. This article will also interest those who teach cybersecurity and are seeking examples and structures for explaining its concepts. For students and educators, the authors include selected misconceptions they observed in student responses to scenarios. The contributions are novel educational case studies, not original technical research. The scenarios comprise responding to an e-mail about lost luggage containing specifications of a new product, delivering packages by drones, explaining a suspicious database input error, designing a corporate network that separates public and private segments, verifying compliance with the Nuclear Test Ban Treaty, and exfiltrating a USB stick from a top-secret government facility.
AB - The authors introduce and explain core concepts of cybersecurity through six engaging practical scenarios. Presented as case studies, the scenarios illustrate how experts may reason through security challenges managing trust and information in the adversarial cyber world. The concepts revolve around adversarial thinking, including understanding the adversary; defining security goals; identifying targets, vulnerabilities, threats, and risks; and devising defenses. They also include dealing with confidentiality, integrity, availability (known as the “CIA triad”), authentication, key management, physical security, and social engineering. The authors hope that these scenarios will inspire students to explore this vital area more deeply. The target audience is anyone who is interested in learningabout cybersecurity, including those with little to no background in cybersecurity. This article will also interest those who teach cybersecurity and are seeking examples and structures for explaining its concepts. For students and educators, the authors include selected misconceptions they observed in student responses to scenarios. The contributions are novel educational case studies, not original technical research. The scenarios comprise responding to an e-mail about lost luggage containing specifications of a new product, delivering packages by drones, explaining a suspicious database input error, designing a corporate network that separates public and private segments, verifying compliance with the Nuclear Test Ban Treaty, and exfiltrating a USB stick from a top-secret government facility.
KW - Cybersecurity Assessment Tools (CATS)
KW - computer security
KW - cybersecurity education
KW - information assurance
UR - http://www.scopus.com/inward/record.url?scp=85030149197&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85030149197&partnerID=8YFLogxK
U2 - 10.1080/01611194.2017.1362063
DO - 10.1080/01611194.2017.1362063
M3 - Article
AN - SCOPUS:85030149197
VL - 42
SP - 1
EP - 42
JO - Cryptologia
JF - Cryptologia
SN - 0161-1194
IS - 4
ER -