TY - JOUR
T1 - Cybersecurity
T2 - Exploring core concepts through six scenarios
AU - Sherman, Alan T.
AU - DeLatte, David
AU - Neary, Michael
AU - Oliva, Linda
AU - Phatak, Dhananjay
AU - Scheponik, Travis
AU - Herman, Geoffrey L.
AU - Thompson, Julia
N1 - Publisher Copyright:
© 2017, © 2017 Taylor & Francis.
PY - 2018/7/4
Y1 - 2018/7/4
N2 - The authors introduce and explain core concepts of cybersecurity through six engaging practical scenarios. Presented as case studies, the scenarios illustrate how experts may reason through security challenges managing trust and information in the adversarial cyber world. The concepts revolve around adversarial thinking, including understanding the adversary; defining security goals; identifying targets, vulnerabilities, threats, and risks; and devising defenses. They also include dealing with confidentiality, integrity, availability (known as the “CIA triad”), authentication, key management, physical security, and social engineering. The authors hope that these scenarios will inspire students to explore this vital area more deeply. The target audience is anyone who is interested in learningabout cybersecurity, including those with little to no background in cybersecurity. This article will also interest those who teach cybersecurity and are seeking examples and structures for explaining its concepts. For students and educators, the authors include selected misconceptions they observed in student responses to scenarios. The contributions are novel educational case studies, not original technical research. The scenarios comprise responding to an e-mail about lost luggage containing specifications of a new product, delivering packages by drones, explaining a suspicious database input error, designing a corporate network that separates public and private segments, verifying compliance with the Nuclear Test Ban Treaty, and exfiltrating a USB stick from a top-secret government facility.
AB - The authors introduce and explain core concepts of cybersecurity through six engaging practical scenarios. Presented as case studies, the scenarios illustrate how experts may reason through security challenges managing trust and information in the adversarial cyber world. The concepts revolve around adversarial thinking, including understanding the adversary; defining security goals; identifying targets, vulnerabilities, threats, and risks; and devising defenses. They also include dealing with confidentiality, integrity, availability (known as the “CIA triad”), authentication, key management, physical security, and social engineering. The authors hope that these scenarios will inspire students to explore this vital area more deeply. The target audience is anyone who is interested in learningabout cybersecurity, including those with little to no background in cybersecurity. This article will also interest those who teach cybersecurity and are seeking examples and structures for explaining its concepts. For students and educators, the authors include selected misconceptions they observed in student responses to scenarios. The contributions are novel educational case studies, not original technical research. The scenarios comprise responding to an e-mail about lost luggage containing specifications of a new product, delivering packages by drones, explaining a suspicious database input error, designing a corporate network that separates public and private segments, verifying compliance with the Nuclear Test Ban Treaty, and exfiltrating a USB stick from a top-secret government facility.
KW - Cybersecurity Assessment Tools (CATS)
KW - computer security
KW - cybersecurity education
KW - information assurance
UR - http://www.scopus.com/inward/record.url?scp=85172572015&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85172572015&partnerID=8YFLogxK
U2 - 10.1080/01611194.2017.1362063
DO - 10.1080/01611194.2017.1362063
M3 - Article
AN - SCOPUS:85172572015
SN - 0161-1194
VL - 42
SP - 337
EP - 377
JO - Cryptologia
JF - Cryptologia
IS - 4
ER -