Dr. Eman Zaghloul Qasim

Assistant Professor of Educational Technology, College of Education in Zulfi

DISCUSSION

The main strengths of the Lego-based approach are twofold:
it attracts the interest of students and improves their
understanding of security protocols. First, it is essential to the
success of information assurance education that we can
attract and retain the interests of students. Both the survey
and user studies in our evaluation demonstrate that the
combination of 3D digital Legos and the text-based
approach is the best solution for students to accept. We
also emphasize this strength by providing several features
to our Lego system, including the flexibility to change
primitive designs and the 3D interaction methods that
simulate real-life Lego experiences.

Second, Lego toys encourage children to recognize
individual shapes and the matching relationships among
different blocks. Similarly, our approach constructs digital
Legos to help students identify individual security
primitives and improve their understanding of the
relationships among primitives and protocols. Our user
studies evaluate two important aspects, primitive identification
and memorization, since they are directly related to
our objectives. A good understanding of the relationships
among security primitives and protocols cannot be
separated from the understanding of individual primitives.
During our development process, we explore different
designs of primitives, such as the shapes of key words and
similar shapes from objects in real-life, to help students
link the protocol contents to the shapes of the Lego blocks.
The evaluation results demonstrate significantly better
primitive identification performance of our Lego-based
approach compared to the traditional text-based approach.
We believe that once students are familiar with the
primitive pieces, better recognition can lead to better
memorization of protocol details, and thereby improve
the understanding of security protocols. We plan to design
more user studies to evaluate other aspects of protocol
understanding in the future.

In addition to these impacts, our approach also has the
potential to help students understand the linkage between
the protocol design and its vulnerabilities. Here we use the
man-in-the-middle attack as an example to illustrate the
potential. A security protocol is vulnerable to the
man-in-the-middle attack when the receiver cannot verify the
authenticity and integrity of a message. For example, when
A sends its identity and public key in plain-text to B, an
attacker on the path can switch A’s public key with its own
public key. Under this attack, any messages that B intends
to send to A can be read by the attacker. We have integrated
our digital Lego system with the knowledge model for
security protocols [24] to illustrate these attacks. As shown
in Fig. 8, for every entity, both its initial knowledge when
the protocol starts and its latest knowledge as the protocol
proceeds are shown on the bottom-left panel. Therefore, we
can combine the content of a message and the latest
knowledge of its receiver to identify the components that
the receiver cannot verify or authenticate. These components
are then labeled in a special color to show that an
attacker could have changed their values and a man-in-the-middle
attack might exist. Note that this functionality is not
dependent on any specific protocols. In fact, we have
adopted this technique in our undergraduate level security
course to allow the students to understand and compare the
man-in-the-middle attacks and type flaw attacks on the key
exchange protocols such as Diffie-Hellman and
Needham-Schroeder public key protocols.
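
The check described above, combining a message's content with the receiver's latest knowledge to flag components it cannot authenticate, can be sketched as follows. This is an added example, not code from the paper or its Lego system; the `Plain`/`Signed` types, the trust rule, and the sample messages (including the CA-signed variant and the `g^x` value) are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Plain:
    name: str            # component sent in the clear

@dataclass(frozen=True)
class Signed:
    verify_key: str      # public key needed to check the signature
    parts: tuple         # component names covered by the signature

def unverifiable(message, trusted):
    """Names in `message` the receiver cannot authenticate; updates `trusted`."""
    flagged = []
    for comp in message:
        if isinstance(comp, Signed):
            if comp.verify_key in trusted:
                trusted.update(comp.parts)   # signature checks out: learn the parts
            else:
                flagged.extend(comp.parts)   # no trusted key to check it with
        elif comp.name not in trusted:
            flagged.append(comp.name)        # plain text, not known beforehand
    return flagged

def analyze(protocol, initial):
    """Walk the messages in order, tracking each receiver's latest trusted knowledge."""
    trusted = {entity: set(known) for entity, known in initial.items()}
    return [(sender, receiver, unverifiable(message, trusted[receiver]))
            for sender, receiver, message in protocol]

# Constructed sample data (assumed rule: unverified values never become trusted).
INITIAL = {"A": {"A", "pk_A", "pk_CA"}, "B": {"B", "pk_B", "pk_CA"}}

# A sends its identity and public key in plain text, as in the text above.
NAIVE = [
    ("A", "B", [Plain("A"), Plain("pk_A")]),
    ("A", "B", [Signed("pk_A", ("g^x",))]),
]
# Same exchange, but identity and key are bound by a signature B can check.
CERTIFIED = [
    ("A", "B", [Signed("pk_CA", ("A", "pk_A"))]),
    ("A", "B", [Signed("pk_A", ("g^x",))]),
]

if __name__ == "__main__":
    for label, protocol in (("naive", NAIVE), ("certified", CERTIFIED)):
        for sender, receiver, flagged in analyze(protocol, INITIAL):
            print(f"{label}: {sender} -> {receiver} flagged={flagged}")
```

In the naive run the unverified public key also taints the later signed message, which is the dependency the colored labeling is meant to make visible.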
8 CONCLUSION AND FUTURE WORK
To improve information assurance education, we have
developed a digital Lego system for demonstrating and
practicing important security concepts. We carefully design
our digital Lego sets to provide a generic representation of
security protocols. Our approach applies the pedagogical
methods learned from toy construction sets by treating
security primitives as Lego pieces and protocols as
construction results. With our digital Lego sets, we have
developed a prototype system and supporting instructional
materials. We have also designed and performed evaluations
to assess this Lego-based approach and found
encouraging results and feedback.
In the future, we plan to introduce our digital Lego
approach and course materials gradually into
introductory-level security courses. We have collected a list of
security protocols that are widely adopted in information
assurance education. We will apply interactive visualization
techniques to develop supporting functions and integrate
them into a more comprehensive experiment environment.
We plan to publish our course materials and Lego system
online to share with other researchers and educators. We
will also continue to perform formal user studies to gather
data from larger groups and evaluate the effectiveness of
the Lego-based approach in helping students understand
security protocols. The results of the user studies will be
used to improve our Lego-based approach, so that security
knowledge can be introduced to a broader population.
ACKNOWLEDGMENTS
The authors thank the editors and reviewers for their
valuable comments. This research was supported by DOE
DE-FG02-06ER25733, NSF 0633150, and NSF 0754592.
