National Centers of Academic
Excellence in Information
Assurance Education (CAEIAE)
Program:
OAsIS
OAsIS
Overview
• National requirement for IA education and
training
• Systematic assessment
• Formal certification
• Duties and responsibilities of certified
institutions:
–
–
–
–
–
Information assurance professional
Designated approving authority
System administration in information systems security
Information systems security officer
System certifier
OAsIS
History
• Established: National Security
Telecommunications and Information
Systems Security Committee
• May 1998: Presidential Decision Directive
63 on Critical Infrastructure Protections
• Jan 2000, initiated the IACE Program to
establish standards
OAsIS
Certified Institutions
http://www.nsa.gov/ia/academia/iacmap.cfm?M
enuID=10.2.1.4
OAsIS
Criteria: Points System
1.
2.
3.
4.
5.
Partnerships in IA Education (Max.15 pts)
IA Treated as a Multidisciplinary Science (Max. 30 pts)
University Encourages the Practice of IA (Max. 25 pts)
Academic Program Encourages Research in IA (Max 35 pts)
IA Curriculum Reaches Beyond Geographic Borders
(Max 50 pts)
6.
Faculty Active in IA Practice & Research & Contribute
to IA Literature (Max 30 pts)
7. State–of-the-Art IA Resources (Max 30 pts)
8. Declared Concentrations (Max 30 pts)
9. Declared Center for IA Education or Research (Max 35 pts)
10. Full-time IA Faculty (Max 30 pts)
OAsIS
Criteria 1: Partnerships in IA
Education
• Provide evidence (memorandum of
agreement) of partnerships in IA education
with minor colleges and university
• Shared curriculum
• Shared faculty
• Reciprocity of credits
OAsIS
Criteria 2: IA Treated as a
Multidisciplinary Science
• The academic program demonstrates that
IA is a multidisciplinary science with the
body of IA knowledge incorporated into
various disciplines.
• Evidence IA is taught as modules
• IA concentration programs require nontechnical courses of study, i.e., ethics,
policy, legal, human performance, math,
business.
OAsIS
Criteria 3: University encourages
the Practice of IA
• The academic program demonstrates how the
university encourages the practice of IA
• Copy of university or departmental IA security
plan. http://www.bsu.edu/web/security/
• Evidence of IA Awareness Program for faculty and
students. http://www.bsu.edu/web/ucs/training/
• University appointed Information Systems
Security Officer: Loren Malm
OAsIS
Criteria 4: Academic Program
Encourages Reaches in IA
• The academic program encourages
research in IA.
• Program with IA concentrations have thesis,
dissertation, or project requirements.
• Individual IA courses require research
paper(s) or project(s).
• Non-IA courses encourage papers in IA
topics or projects.
OAsIS
Criteria 5: IA Curriculum Reaches
Beyond Geographic Borders
• The IA curriculum reaches beyond the normal
geographic borders of the university Extended
Education IA courses/workshops?
• Use of distance education technology and
techniques to deliver IA courses.
• Sponsorship of regional or national IA curriculum
workshops, colloquia, etc. Green is heading one
up in March
• Professional studies program leading to
certificate in IA.
OAsIS
Criteria 6: Faculty Active in IA
Practice & Research & Contribute
to IA Literature
• Faculty is active in current IA practice and research, and
contributes to IA literature.
• Papers on IA topics within refereed journals or peer
reviewed conference proceedings. Here you go
Sushil…show off!
• Faculty awarded grants for IA education and/or research
development. Provide synopsis of IA related grants and
dates.
• Faculty and/or student presentations on IA topics at
regional or national conferences.
• Provide biographies to substantiate depth and length of
faculty expertise. Got to get everyone to participate…I
haven’t had any luck.
OAsIS
Criteria 7: State-of-the-Art IA
Resources
• The university library and reference
systems/materials and/or the IA Center maintain
state-of-the-art IA resources.
• Evidence of access to current INFOSEC
educational text books, monographs, reports,
and journals, including those in supporting areas
such as Audit and Control.
http://www.bsu.edu/library/
• Evidence of archive or access to historical IA
documents. http://www.bsu.edu/library/
OAsIS
Criteria 8: Declared
Concentrations
• Concentration on IA at the BS level.
• Enrolled (current academic year) New program
• Graduated (past 2 academic years) New
program
• Concentration on IA at the MS level.
• Enrolled (current academic year)
• Graduated (past 2 academic years)303.
Concentration on IA at the Ph.D. level.
• Enrolled (current academic year)
• Graduated (past 2 academic years)
OAsIS
Criteria 9: Declared Center for IA
Education or Research
• A declared center for IA education or a
center for IA research from which IA
curriculum is emerging.
– The center may be school or universitybased.
• School Level
• University Level Working on this
OAsIS
Criteria 10: Full-time IA Faculty
• University IA faculty consists of more than one
individual devoted full time to IA..
• Identify by name the full-time faculty member
working full time in IA with overall responsibility
for the IA Program. Sushil Sharma
• Additional full-time faculty member working full
time in IA
• Shared faculty (e.g. intra or inter departmental,
or other 4-year graduate university) Kitchens,
Harris, Whitesel, Chen
• Each adjunct/part-time faculty
OAsIS
The
OAsIS
Center
Ball State University
2/25/05
OAsIS
OAsIS Mission Statement
To develop and promote organizational
assurance and information security
through leadership in research,
education, training and application.
OAsIS
Need for the Center
• Adapt teaching methods and
techniques
• Updating curriculum to meet
today’s and future needs
• Endorsed by the Dept. of Defense
• Information assurance is
imperative to today’s environment
OAsIS
OAsIS
•
•
•
•
•
•
Provide students hands-on learning
experience
Provide outside organizations experts in the
field of organizational assurance
Incorporate integrity and ethics in the
curriculum
Incorporate the security assurance through
multidisciplinary teachings
Challenge students to seek excellence
Challenge professors to look to the future for
solutions
OAsIS
Funding
• To date:
– Internal grant of $XXX
– Internal support
•
•
•
•
Hardware
Graduate assistant
Desks and chairs
Space
– External support
• Computer donations
OAsIS
Funding Requests
•
•
•
•
•
•
•
Standardized office equipment
More space for lab(s)
More graduate and student assistants
Marketing
Travel
Studio for video conferencing
Research grants
OAsIS
Conclusions
• Established need
• OAsIS abilities
• Funding now and for the future
OAsIS
Conclusion
• ISOM has the great beginnings to create a
Academic Excellence in Information Assurance
Education (CAEIAE) Program
• Established need
• OAsIS abilities
• Funding now and for the future
• University support
– Computers
– Desks
• Community support
– Computers
OAsIS