Abstract:
There are increasing demands for IT security education which could be partly met by easier access to IT security laboratories. This paper proposes the use of ‘Infrastruct...Show MoreMetadata
Abstract:
There are increasing demands for IT security education which could be partly met by easier access to IT security laboratories. This paper proposes the use of ‘Infrastructure as Code’ (IaC) as a central building block for introducing dynami-cally adaptable teaching scenarios to laboratories in the context of IT security. The decision was made based on our didactical concept (which is built on Bloom's Taxonomy). The concept we propose is intended for use in a virtual laboratory, where the whole laboratory set-up is distributed over and contained within virtual machines. This way, we are able to build realistic, complex teaching scenarios. After comparing multiple IaC solutions, we decided to build our implementation on Terraform. The most important building blocks written in Terraform are presented. In addition, a user interface was created to meet demands of students and teachers. We will describe example teaching scenarios including one where students are tasked with gaining access to vulnerable data via a 2-step attack.
Date of Conference: 01-04 May 2023
Date Added to IEEE Xplore: 22 May 2023
ISBN Information: