SJSU Cybersecurity Cluster Partnerships: NSF STC TRUST
SJSU is a founding partner in NSF’s TRUST (“Team for Research in Ubiquitous Secure Technology”) Science and Technology Center, a partnership of UC Berkeley, Stanford University, Carnegie Mellon University, Cornell University, Vanderbilt University and San José State.
The center was established in 2005, and its mission “is focused on the development of cybersecurity science and technology that will radically transform the ability of organizations to design, build, and operate trustworthy information systems for the nation's critical infrastructure. Established as a National Science Foundation Science and Technology Center, TRUST is addressing technical, operational, legal, policy and economic issues affecting security, privacy and data protection as well as the challenges of developing, deploying and using trustworthy systems.” (www.truststc.org)
Sigurd Meldal serves as co-director of education for the center.
SJSU is committed to creating and maintaining the pipeline of cybersecurity professionals. The university expects to:
Become an NSA/NSEE Center of Excellence for Information Assurance.
Develop an interdisciplinary program involving five colleges that is designed to provide courses/certificates and career development for diverse students, including career changers, veterans and transfer students.
Organize academic enrichment opportunities for K-12 youths and educators.
Build partnerships and raise financial support with industry leaders to provide:
- applied internships for SJSU students,
- mentoring/teaching opportunities for industry leaders,
- targeted training programs for SJSU cybersecurity students, and
- a place on the Cybersecurity Industry Advisory Council for representatives from industry.
San José State is recognized as meeting the NSTISSI training standards of the Committee on National Security Systems
April 17, 2013: San José State has been recognized by the Committee on National Security Systems as meeting the national training standard for Information Systems Security (INFOSEC) Professionals, NSTISSI No. 4011 and 4012.
In the review the committee noted:
“The collective content utilizes and exposes the students to USG policies such as NIST, NSTISS, and also introduces industry certifications such as ISACA, COMPTIA and international ISO standards. The materials included many andvanced topics. Examples include principles of modern cipher systems, understanding security protocols, brute force browsing, cross site scripting and reverse engineering. The Network Security course employs an online lab called 'deterlab,' which simulates buffer overflows, pathname attacks and SQL injections. Other tools used include nmap, snort, nessus, traceroute and netstat. The students also learn about botnet detection, prefix & IP hijacking, as well as securing legacy systems. Examples of supplemental readings include 'Verizon 2012 Data Breach Investigation Report,' 'Controlled and classified data reading and NSA/CSS Storage Device Declassification Manual,' and NIST Special Publications '800-53 and 800-37.'”
“The textbooks and supplemental readings included in the course content provide a foundation of references that are useful for the students’ growth and development and may continue to be so in their future careers. The students are also engaged in numerous online discussion forums and there is useful research, content and additional resources shared among the students primarily led by the instructor to respond to course assignments.
Students discuss many USG policies and processes such as the certification and accreditation process, with the new emphasis on risk management and continuous monitoring. Other course content include wireless, OPSEC/TEMPEST/EMSEC, Vulnerabilities & Threats, Countermeasures, biometrics, PKI, Need-to-Know principles, the importance of education, training and awareness, incident handling, forensics, ethics and laws, and DRP/BCP to name a few. The students perform tasks related to the topics outlined in the curriculum including research and hands-on labs.”
The certification process was managed by an interdisciplinary team from the Colleges of Engineering (Xiao Su, computer engineering), Business (Leslie J. Albert, management information systems) and Science (Melody Moh, computer science).