This project develops QoSec, an extensible middleware framework for computer security course projects. The QoSec framework provides learning materials for undergraduate students related to the design of large-scale trustworthy computer systems. Course projects in QoSec are implemented as plug-in modules of a middleware-based framework. The QoSec framework is the first educational material of its kind designed specifically to teach undergraduate students how to make real-world computing systems more accountable and less vulnerable to attacks.
The project creates a novel middleware-based approach to teaching undergraduate students how to develop large-scale secure software. QoSec addresses several challenges of contemporary computer security education including the lack of novel approaches to study real-world secure computer systems; the need of a holistic platform for constructing computer security projects; and the challenge of using commercial middleware-based frameworks to teach introductory computer security classes. QoSec has an easy interface which allows teaching students the rapid development of security-critical software.
The project has a potential to advance the education of modern university computer security course curricula. Anticipated outcomes include addressing the problem of information assurance skill shortage and preparation of future computer security engineers. Through collaboration with Tuskegee University and Alabama State University, QoSec is used to prepare future minority engineers and scientists with expertise in computer security. The extensible nature of QoSec allows instructors to easily share, expand, and modify their computer security course projects.