Outthinking the
bad guys part of the job at NUCIA
Company A suspects Company B of hacking its
computers and spying on its internal activities. Accordingly, Company A hires
specialists in "Information Assurance" to verify that its security has been
breached—and to help plug the holes.
Once the Information
Assurance (IA) experts begin checking Company A's systems, however, they
discover that Company A is in reality spying on Company B. Was the spying the
result of some organized internal plan to infiltrate Company B? Was it the work
of some rogue employees of Company A, working outside their directive in order
to find ways to advance their own careers? Or, could it have been the work of a
cyber-terrorist cleverly using Company A's computer system to cover his tracks
as he penetrates Company B's systems?
It's a scenario that fascinates fans of
techno-thriller novels—and students of the Nebraska University Consortium on
Information Assurance (NUCIA).
Founded by the Peter Kiewit Institute and the
UNO College of Information Science & Technology, NUCIA (pronounced
"new-sha") has garnered considerable recognition. Most recently, it was
re-designated a National Center of Academic Excellence in Information Assurance
for the academic years 2005-2008 by the U.S. Department of Homeland Security
and the NSA. NUCIA was one of the first 20 centers to receive the designation,
in 2001.
Directing NUCIA is Blaine Burnham (pictured),
a 62-year-old professor and research fellow with a penchant for New Age music,
collectable medallions and Hawaiian shirts. His career has been just as varied.
Burnham worked more than a decade with the National Security Agency (NSA),
serving as division chief of the Infosec Research Council and in other
information assurance roles at the Los Alamos National Laboratory and Sandia
Laboratory in New Mexico. Immediately prior to joining UNO's faculty he was
director of the Georgia Tech Information Security Center.
Burnham characterizes IA as an emerging,
rapidly expanding science that addresses problems in the fundamental
understanding of the design, development, implementation and life-cycle support
of secure information systems.
"It's fun, invigorating, interesting and
compelling," he says. "At its finest it's better than chess. Can you outthink
the bad guy? Can you defeat the bad guy before he knows he's defeated?
Knowledge in IA gives a person the opportunity to work in neat places with some
really neat stuff."
A bachelor's degree in IA is being developed
from its current standing as an area of concentration for IS&T graduate and
undergraduate students studying computer science (CS) or management information
systems (MIS). A degree could provide many career paths in industry,
government, academic and research arenas.
"We offer programs that bring bright young
people along to where they understand how you do and don't build a secure
computer system," Burnham says. "It's in-depth experience that will have lots
and lots of long legs to it."
Brian Wiese earned his bachelor's degree from
UNO in computer science with a minor in MIS and concentrations in Internet
Technologies and IA. He is working toward a master's degree in CS at the Naval
Postgraduate School in Monterey, Calif.
"After I finish my graduate degree, I will
work in civil service to strengthen the IA capabilities of our nation," Wiese
says, "and quite possibly make a long career out of it."
NUCIA, he says, helped chart his future.
"NUCIA has been the catalyst to strengthen my academic understandings and my
professional entrance into the IA world through internships with Lockheed
Martin, Sandia National Labs in California and the Department of Defense.
Personally, I've been excited, inspired and thoroughly prepared to pursue my
career aspirations with a strong foundation in computer science and IA."
Sophie Engle, who received her bachelor's
degree in computer science in 2002, is studying for her doctorate at the
University of California, Davis. She became involved in NUCIA through mentoring
and independent study courses with Burnham and Ken Dick, telecommunications
chair.
Engle says NUCIA gave her valuable experience
conducting and critiquing research and presenting her findings to industry professionals.
"Without my experiences at NUCIA," she says, "I doubt I would be in graduate
school."
Students utilize two high-tech, well-outfitted
labs at IS&T. The Security Technology Education and Analysis Laboratories
(STEAL) are continuously monitored and completely isolated from university
production networks and the Internet.
As part of their study, students learn about
ways to attack information systems. Due to the potential harm through the
misuse of such information, they are required to sign an ethics statement.
"Basically, it says that they know the difference between right and wrong, that
they won't do wrong, and that if they can't tell the difference, they'll stop
and ask," Burnham says. "That's not complicated."
The scope of NUCIA is purposely designed to be
inclusive and broad. In addition to traditional technical areas of information
assurance, NUCIA students work in CS and MIS, criminal justice, public policy,
law, national and international security, cyber terrorism, health informatics
and privacy.
If approved, an undergraduate degree in IA
would afford students the opportunity to fulfill their general requirements by
including several focus areas of study—Middle Eastern, Eastern European,
Post-Soviet Eurasia, Latin America and Western Pacific.
"That way, you'll come out of this with a
cross-cutting view of some geo-political environment other than your own,"
Burnham says. "We think our direct effort to foster a broader understanding
will pay remarkable long-term dividends for our students throughout their
lives."
Such a broad overview is beneficial to NUCIA
students, says Megan Benoit, who earned her bachelor's in CS from UNO in May
2002. She currently is employed as an information assurance engineer with an
Omaha-area Department of Defense contractor.
"NUCIA taught me the value of having
individuals with similar interests and drives around, even if all you were
doing was bouncing ideas off of each other," Benoit says. "I learned to see IA
in ways I never really thought of before, to consider problems from angles I
had never thought of. I learned to understand that IA is more than just
'information security' or 'computer security,' and that it has value beyond
what companies typically label as simply, 'return on investment.'"
She says she draws upon the knowledge she
gained at UNO and NUCIA every day to do risk analysis, evaluate new
technologies and examine current architectures and ways of doing things.
"Without that fundamental knowledge and understanding of how computer systems
and networks work, and how IA fits into each and every aspect of an
organization, I would certainly not be as effective, or my talent as valued,"
Benoit says.
Her appreciation goes to the top. "It takes
world-class individuals to make a world-class program, and I cannot thank Dr.
Burnham enough for working with UNO to produce an IA program to be proud of,"
she says. "Dr. Ken Dick is another world-class individual. I learned everything
I know about computer networks from him, and I can't count the number of times
I use that information in a day.
"There are many others involved with NUCIA who
help make the program one of the best, and current and future students at UNO
should consider themselves lucky to have the opportunity to learn from them."
Although developing and teaching such a
high-security, cutting-edge field of study appears complicated, Burnham has a
way of simplifying it.
"I see myself as a value-added reseller," he
says. "I want students to understand what technology can and can't do regarding
the need to protect information. I want them to understand how to help
organizations act and behave according to their own rules.
"And," he adds, smiling, "I teach kids it's
important to shred your garbage."
Back to Top
Making
connections for a 'Wireless Omaha'
Imagine a free, secure, city-wide wireless
infrastructure that would allow you to use your PDA to send and receive emails
while your children play at an Omaha park. Or check from your laptop the
arrival of a friend's flight at Eppley Airfield as you run last-minute errands
around town.
That's the goal of "Wireless Omaha," a project
headed by Hesham Ali of UNO's College of Information Science & Technology
(IS&T). Ali is a professor of computer science and associate dean for
academic affairs at the college.
Wireless access throughout the city would be
useful to local residents and could also advance the image of Omaha as a rising
star in the world of information technology. "Several other cities have
undertaken similar projects but on different, more limited scales," Ali says.
"Omaha would probably be the first city with this kind of major wireless
infrastructure. This kind of service would integrate very well with the city's
efforts to attract information technology companies and employees."
Ali emphasizes that
the free service is meant to complement what the city's wireless service
providers currently offer.
"We are not in competition for their business.
We want to work together with businesses as our partners, including the major
communication providers.
"As we have designed it, the infrastructure
does not support running a business or transferring a large amount of data. It
is meant to allow users free connectivity for basic, simple data transfers,
like checking email or visiting a website."
Wireless Omaha sprang from another project,
"Wireless Nebraska," partially funded by the National Science Foundation. That
project, which would involve creating high-speed wireless access throughout the
state, is awaiting completion of the Wireless Omaha project, Ali says.
Wireless Omaha is being implemented in phases.
The UNO campus has the infrastructure, as does Rosenblatt Stadium, which was
completed in time for the 2005 NCAA Men's College World Series. It was utilized
by sports journalists and spectators to check emails and send brief messages,
Ali says.
The current phase involves establishing the
infrastructure in the downtown and riverfront areas, as well as in some
inner-city parks.
"By placing the free service in low-income
areas of the city, we could address the issue of a digital divide existing
between those areas and other areas of Omaha where Internet access is more
readily available.
"We plan to create pockets of service, then
work to connect those pockets. Along the way, we will piggyback off existing
wireless facilities, such as those in other educational facilities around the
city."
Wireless Omaha would work to ensure that the
security and separation for businesses that allow use of their networks would
be preserved. Software, filters and other measures would provide logical
separations between business and public use, and attempt to eliminate the
possibility of the free wireless service being used for improper or
inappropriate activity.
The infrastructure may actually work to
prevent and solve some crimes, Ali says. "For example, sensors could be placed
in laptop computers and other expensive equipment and if the equipment was
stolen, this kind of wireless infrastructure could track the stolen items."
Ali hopes to complete the "community network"
of Wireless Omaha within two years.
IS&T students have been involved in every
aspect of the project since its inception, from installing the infrastructure
at Rosenblatt Stadium to simulating actual environments at the college's
testbed facility.
"They solve real-time, real-world problems
like equipment placement, connectivity to access points and how to avoid
interference with other signals," he says.
"And, in the case of the Rosenblatt
installation, they got free tickets to attend some of the ballgames."
Back to Top
IT
doctoral program garners national attention
Halbana Tarmizi says he didn't want either/or.
He wanted both.
And so it was that the Indonesian native with
degrees from Germany's Aachen University of Technology and Michigan State
enrolled in UNO's College of Information Science & Technology. Here he is
pursuing a Ph.D in information technology, a program that uniquely combines
study in information systems and computer science.
"Normally, what you see is either a Ph.D.
program in IS or one in CS," Tarmizi says. "This Ph.D. in IT offers the ability
to get both perspectives, and I like this.
"With the CS and IS
departments under one roof at UNO, it makes it possible for us to take courses
and to get involved with research in both fields. Furthermore, since this
program was new, it gave us more freedom in choosing our research and courses
based on our real interest."
The doctoral program is new to UNO and to the
world, says Mansour Zand, professor of computer science and director of the
Ph.D. program.
"When we started with this idea seven years
ago, there probably wasn't any Ph.D. in information technology being offered
anywhere," he says. "Last year, I was at a conference when the associate dean
of another college of IT came up and told me they got the model for their
program from UNO."
After a nearly five-year approval process,
UNO's Ph.D. in IT program began in the fall of 2003 with 10 students. It since
has grown to 22 students, with the first graduate expected in 2007 or 2008.
Interest in the program is high—and competitive; the candidate acceptance rate
is between 30 percent and 35 percent.
The program is motivated by the non-traditional
model behind the formation of the College of IS&T, which combines computer
science with information systems. The Ph.D. in IT integrates the theory and
practice of applied computing, information systems, Internet technologies and
the advances in telecommunications and management of information technology.
The vision of the doctoral program is to
combine the disciplines of computer science, information systems, software
engineering and telecommunications to develop technology specialists who are
uniquely positioned to advance research and practice in contemporary
technologies.
"We are looking for candidates whose eventual
goals are leadership in IT organizations or research in academic life," says
Ilze Zigurs, professor of management information systems and former director of
the Ph.D. program. "This program prepares people for being scholars who
understand the leading edge in IT and to develop into leaders either as
educators or corporate managers."
The program is drawing applicants with heady
credentials, Zand says.
"One measure is the quality of the students we
attract, the quality of their work and the fact that many are already
publishing," he says. "It's quite impressive."
Being new and interdisciplinary, the program
requires collaboration among many different faculty to develop and teach
seminars in an integrated way.
"I'd say 90 to 95 percent of some of the
courses we offer are 'homemade' courses," Zand says. "The IT field is not
defined, and this presents a great challenge."
Zigurs says the interactive process of
designing every aspect of the degree program poses challenges for the faculty
and the students but promises great rewards.
"Working together to develop these courses
creates a synergy," she says. "We really are defining the forefront of this
interdisciplinary field. That's exciting."
The rewards extend beyond campus, too. Zigurs
says the program provides many opportunities for area corporations to sponsor
Ph.D. students or utilize their unique experience in a full- or part-time
capacity. "For instance," she says, "if
they have an issue concerning methodologies for systems development, wouldn't
it be useful to have someone there to offer an objective view and make
recommendations for a strategy taking into account leading-edge alternatives
and knowledge?"
Active research clusters in data mining,
bioinformatics, software engineering, collaboration technology, information
security, wireless and sensor communication and project management provide for
interesting study, says doctoral student Tarmizi. "If you prefer to do
something that you like and to have flexibility in shaping your research and
study, then this program is highly recommended," he says. "And it seems to me
that Omaha businesses really support this UNO program."
Tarmizi, it appears, is having it all—and then
some.
Back to Top
