This material is based upon work supported by the National Science Foundation under Grant No. 0723719.
Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s)
and do not necessarily reflect the views of the National Science Foundation.
During the summer of 2005 the faculty of the Department of Networking, Security and Systems Administration (NSSA) at Rochester Institute of Technology (RIT) hosted a pilot Security and Forensics Workshop for colleges and universities designated as Minority Serving Institutions (MSIs), specifically Historically Black Colleges and Universities (HBCUs). This three-day workshop proved to be a valuable and successful experience for the participants. RIT delivered curricular materials on topics aimed at cultivating faculty expertise in computer and network security and forensics through hands-on lab experiences. An important aspect of this experience was the available laboratory infrastructure at RIT. This project seeks to maintain the momentum from the pilot workshop by developing an extended two-week summer workshop and ongoing support during the academic year. Ongoing support, including class delivery, is accomplished through site visits and online collaboration. RIT has CAE/IAE certification and the infrastructure available to conduct effective training, and this proposal seeks to share our NSSA faculty’s knowledge and applied technical expertise in network and systems security and forensics with the faculty at our three partnering HBCUs: Texas A&M University Corpus Christi, Hampton University and Oakwood College. By offering this curricular training and sharing resources, together we can help to develop faculty expertise at our universities. Our partners, in turn, can leverage the best of their resources in a concentrated effort to stimulate and attract students to the field of computer science, specifically within the context of information assurance, computer security and forensics.
The proposal seeks to increase the number of information assurance professionals within the United States of America through applied teaching workshops. Traditional Computer Science programs address Information Assurance from a theoretical perspective; however, this grant proposes imparting, adapting and implementing our curricula with an applied approach for the educators themselves, and indirectly to their students. The workshop and online repository will expand the knowledge base of our collaborating universities’ Information Assurance faculty and their Information Assurance curriculum offerings for their students in preparation for the educational and employment opportunities available to them.
This multi-university effort also creates an environment of shared knowledge and resources through faculty collaboration that will continue into the future. The anticipated second phase of this project offers significant outreach potential, which will be served best by a successful implementation of this workshop. The continuing partnership enables the participating institutions to make a broader impact on the future security workforce through the sharing of curricular materials and professional expertise. The participation of the minority institutions allows RIT to actively participate in national efforts to recruit and retain students from underrepresented groups for graduate level education. By sharing our curriculum and resources through our lab facilities, we are also able to leverage the resources and expertise RIT possesses by involving geographically dispersed undergraduate schools, thereby providing students with an opportunity to participate in and gain exposure to information assurance training that they otherwise might not have received.
Project Expansion to Build a Virtualization Cluster
The work of this project was extended to build a virtualization cluster for student and faculty teaching, learning and research of security and forensics topics in a secure and isolated environment. The intent was that RIT faculty and students along with partnering university faculty and students would engage in collaborating to build the cluster, with RIT as the lead.
The virtualization cluster project was designed with two goals in mind:
1. to provide a model example and how-to for other universities on building an economical virtualization cluster at their home university
2. to support collaborative teaching, learning and research across university boundaries
An Economical Virtualization Cluster Model
To accomplish the first goal, RIT faculty and students began developing a blueprint for the virtualization cluster including network, rack and cluster diagrams. The following documents are publicly available for download to assist interested universities in building a virtualization cluster:
A final site book is also under development. The draft site book can be downloaded while the final book is under development. Together, the blueprint and site book will enable other universities to build their own virtualization cluster based on the trials and tribulations that RIT faculty and students experienced.
The virtualization cluster is based on 12 AMD hex-core motherboards, each with 16G of memory and dual Gb Ethernet cards. A 13th, additional hex-core motherboard with 16G of memory, an Adaptec RAID controller with SSD cache and four 1.5 GB SATA drives provides the iSCSI storage for the cluster. A repurposed RIT-owned Cisco Gb switch forms the network backbone for the cluster. The systems were designed so that they could easily be reconfigured to run any available virtualization software. The cluster was initially constructed using VMware ESXi, vSphere and vCenter and allows for approximately 400 virtual machines to be run simultaneously. To date, 120 simultaneously running virtual machines have been successfully tested. The identified bottlenecks include the network backbone infrastructure and iSCSI (based on the number of spindles).
Collaborative Teaching, Learning and Research using the Virtualization Cluster Model
Collaboration on the virtualization cluster began with the visit of Texas A&M Corpus Christi faculty and students during the summer of 2011 to work on building the cluster. Texas A&M students were asked to report on their visit. From their report, “During the RIT visit, 12 nodes were used (cluster members); they are connected to a SAN switch and they are connected to a SAN server. The total configuration is connected to a LAN switch and it is connected to a VPN access control. At TAMU-CC, a VPN server will be implemented in order to have access to the VPN access control at RIT.
Data storage devices have been studied, including which data sources are used in modern virtual machines. A presentation on SAN and a step-by-step guide on how to install VMware ESXi 4.1.0 were studied. Web-based VMware vCenter Lab Manager was analyzed with the idea of managing the operation of nodes in a computer network. A Storage Area Network (SAN), 12 nodes, Monitor, KVM, Keyboard, and Power Distribution have already been implemented.”
Collaboration to build the cluster was merely the first step. The intent of the virtualization cluster is to provide a secure and isolated environment where students can experiment with and experience security scenarios without disrupting departmental or campus resources. This environment mitigates student, faculty and university risk while facilitating an open teaching, learning and research environment. The cluster was designed to provide secure remote access to participating students from both on and off the RIT campus. Remote users are given console access rather than direct access to the virtual systems, which limits the risk to systems outside of the virtualized environment. The intent is that the virtualized system will allow remote teams of students from current and future partnering universities across the country to participate in curricular security events with RIT and other students.
To meet the aforementioned goals, RIT faculty collaborated with two honors students to build a middleware interface to the virtualization software. This middleware interface, currently named VASE, “Virtualized Administration of Security Environments,” facilitates the construction and configuration of complete virtualized environments for security exercises. This in turn provides an environment allowing for a build-out to simulate a medium-sized organization that can be replicated for teams of remote students.
To support student teams from remote locations, the system is able to differentiate the replicated environments for each team with regard to network configuration and parameters (specific to the team’s environment). The system includes templates for numerous operating system versions and releases as well as a number of layered software products that can be analyzed for security vulnerabilities. Post-creation scripts can be run to make system-specific changes that add intentional security vulnerabilities and weaknesses for experimentation and analysis.
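The per-team differentiation described above can be sketched as follows. This is an added example, not code from VASE or the RIT project: it replicates one environment template into a separate subnet and VLAN per team and audits the resulting plan for overlaps before anything is deployed. The address ranges, VLAN numbers, role names and function names are all hypothetical.

```python
import ipaddress

# Hypothetical values for illustration; none of them come from VASE or RIT.
LAB_SUPERNET = ipaddress.ip_network("10.200.0.0/16")    # constructed lab range
RESERVED = [ipaddress.ip_network("10.200.255.0/24")]    # e.g. management/storage
TEMPLATE = {"gateway": 1, "dns": 10, "web": 20, "mail": 25}  # role -> host offset
FIRST_VLAN = 100

def plan_teams(teams, prefix=24):
    """Replicate TEMPLATE once per team, each in its own subnet and VLAN."""
    free = (n for n in LAB_SUPERNET.subnets(new_prefix=prefix)
            if not any(n.overlaps(r) for r in RESERVED))
    plans = {}
    for idx, team in enumerate(teams):
        net = next(free, None)
        if net is None:
            raise ValueError(f"no free /{prefix} left for {team}")
        plans[team] = {
            "vlan": FIRST_VLAN + idx,
            "subnet": net,
            "hosts": {role: net[off] for role, off in TEMPLATE.items()},
        }
    return plans

def isolation_errors(plans):
    """Audit a plan before deployment; an empty list means teams are separated."""
    errors = []
    items = list(plans.items())
    for i, (name, p) in enumerate(items):
        if not p["subnet"].subnet_of(LAB_SUPERNET):
            errors.append(f"{name}: {p['subnet']} is outside the lab range")
        if any(p["subnet"].overlaps(r) for r in RESERVED):
            errors.append(f"{name}: {p['subnet']} overlaps a reserved segment")
        for other, q in items[i + 1:]:
            if p["subnet"].overlaps(q["subnet"]):
                errors.append(f"{name}/{other}: overlapping subnets")
            if p["vlan"] == q["vlan"]:
                errors.append(f"{name}/{other}: shared VLAN {p['vlan']}")
    return errors

if __name__ == "__main__":
    plans = plan_teams(["team1", "team2", "team3"])
    for team, p in plans.items():
        print(team, p["vlan"], p["subnet"], p["hosts"]["web"])
    print(isolation_errors(plans) or "plan is isolated")
```

Running the audit on every generated or hand-edited plan catches a team environment that would share a segment with another team or with the reserved range before any virtual machine is created.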
The system was first put into curricular operation during fall of 2011 for the RIT course Cyber Defense Techniques. In this course, teams of students engaged in attack and defend exercises using the virtualization cluster and the support infrastructure. RIT students and faculty used the fall 2011 quarter to manage, test and refine the systems. The results of this first curricular application indicate that all expectations were exceeded.