In addition to 20 years of industry experience, Eric Wheeler holds a Master of Science Degree in Computer Science from Portland State University and a Graduate Security Certificate certified by the National Security Agency (NSTISSI-4011). In addition, Mr. Wheeler actively researches, designs, and implements network and computer and telephone security systems.
To understand Eric’s background, one must understand what it means to attain a Master of Science degree and NSTISSI-4011 certificate through Portland State University. Formal education provides a foundation for twenty years of industry experience, so this discussion scratches only the surface of his experience, skill and expertise.
Portland State University is one of the leading institutions for Computer Science; its students and faculty and continue to publish industry leading papers on a diverse set of topics.
PSU has been recognized as a Center of Academic Excellence (one of 50 in US) by the National Security Agency since 2003 and provides the National INFOSEC Education and Training Program (NIETP) as specified by NSTISSC Training Standard 4011. In addition, the Master of Science program in Computer Science is recognized by the Committee on National Security Systems. Little more needs to be said on the subject, and it is clear that the Computer Science Department at PSU holds a top-notch program.
Obtaining a Master’s degree in Computer Science at Portland State University requires the completion of one degree track; not to be outdone, Eric completed three: Security, Systems, and Theory, in addition to the NSTISSI-4011 NSA certified graduate certificate.
Each degree track requires the completion of a series of courses designed to provide specific training in that subject. Each graduate-level course taken to achieve this is detailed below in alphabetical order. (Course descriptions are taken from the CECS Course List and Eric’s comments are in italic.)
- Advanced Technical Writing – Professor Tracy Dillon – [This course] assumes that participants have completed introductory technical writing and technical report writing courses and have vocational interests in the field. In other words, you likely are a “professional” professional writer, whether you intend to become a technical writer or to exercise your writing skills in order to enhance your ability to achieve personal and career goals. On the most fundamental level, [this course] promotes writing as a process for exchanging ideas, expressing yourself, and contributing to an existing body of knowledge in your field. The course also asks you to think epistemologically about the writing you do and receive. You have two primary writing assignments that should take up most of your time. You’ll write an article and try to get it published, and you’ll complete a discourse community journal.
- Applied Security Practicum – Professor Mark Morrissey – Practical study of good security practices in software. Issues of correctly implementing security strategies, including why some strategies fail. State-of-the-art implementation techniques and appropriate conditions under which these techniques apply (or not). Students will appy concepts from software engineering, cryptography, and security theory to a non-trivial project that will stress correct secure programming techniques. Specifically, we implemented PKCS v2 from scratch.
- Computer Architecture – Professor Herb Mayer – Processors, memory hierarchy, and bus systems. Multi-level caches and cache coherence in MP systems. Arithmetic algorithms. RISC vs. CISC instructions, pipelining, and software pipelining. Superscalar, superpipelined, and VLIW architectures. Connection networks. Performance evaluation, simulation, and analytic models. Performance enhancement through branch prediction and out-of-order execution.
- Concepts of Operating Systems – Professor Jonathan Walpole – Survey of concepts and techniques used in modern operating systems. Sample concepts covered are concurrency, IPC’s scheduling, resource allocation, memory management, file systems, and security. Techniques for implementing operating systems taught through a programming project.
- Cryptography – Assistant Professor Thomas Shrimpton – This is a course in modern cryptography emphasizing formal definitions and proofs of security. Core topics include private- and public-key schemes for encryption and message authentication, cryptographic hash functions, and authenticated encryption schemes. Additionally, the course may include some analysis of the DES and AES block-ciphers, and real-world security protocols such as WEP, SSH/TLS and IPSec.
- Inter-networking Protocols – Professor Manoj Garg – Advanced study of the protocols and algorithms used in the Internet (IETF) family of networking protocols. For example, ARP, IP, UDP. TCP, multicast, routing protocols like RIP and OSPF, and application protocols like DNS, NFS, SNMP, FTP and HTTP. Issues such as addressing, name service, protocol design, and scalability will be explored.
- Introduction to Database Management – Professor Lois Delcambre – Introduction to fundamental concepts of database systems at the graduate level. Database system architecture; relational data model and languages; data modeling; normalization theory; transaction management; security; object databases; data warehouses; deductive databases.
- Introduction to Security Professors James Hook and Jim Binkley – Provides a broad overview of computer security. Provides a solid theoretical foundation, as well as real-world examples, for understanding computer security. Fundamental theoretical results, foundational models, and salient examples will be covered. Security in computer operating systems, networks, and data will be covered, with emphasis on operating system and program security.
- Malicious Code and Forensics – Instructor Francis Chang – This course will study the motivations of malicious code developers and the common weaknesses exploited by such code. The course will then move in to a forensics analysis of techniques for protection and recovery from such malicious code. Students are expected to gain insights into the field of computer forensics, specifically approaches for the identification and remedy of malicious code.The course project was to instrument arbitrary code execution attack via stack overflow on existing binary application code
- Network Management & Security – Jim Binkley – This is an advanced study of network security. Topics include historical and recent network-based attacks including denial of service attacks, a study of network security monitoring procedures including anomaly and signature-based detection, firewalls, and an in-depth study of defensive techniques at various layers of the ISO stack, including modern cryptographic protocols like IPSEC, SSL, and other application-layer security protocols.
The course was organized as a network-lab capture the flag game: Secure and protect your system— and break into the other teams’ systems. There were 5 teams total, ours and four others. The team I led fully compromised two teams’ systems (gained root access) and maintained full access to all four of the other teams’ “secure” website page where they reported their status to the Professor. Our team lead the project with 210 “points” for various attack forms, more than double the next team in the running.
- Parallel Algorithms – Professor Laszlo Csanky – Definition and nature of parallel computation. Parallel computation from the point of view of hardware/architecture, program/scheduling, and algorithms. Why and how parallel computation is different from serial computation. Examples to highlight the differences. Parallel algorithms in general: illustration of the most important features and techniques. Illustration of the limitations. A survey of major results, general form of results, and limitations on speed-up.
- Parallel Programming – Professor Jinke Li – An introduction to parallel programming concepts and techniques. Topics include: parallel programming models and languages, share-memory programming, message-passing programming, performance models and analysis techniques, domain-specific parallel algorithms.
- Programming Languages – Professor Sergio Antoy – In-depth study of current and historical issues in the design, implementation, and application of programming languages. Topics range from basic to advanced. Areas include syntax, semantics, scoping, typing, abstraction, exceptions, and concurrency. Computational paradigms such as functional, logic, and/or object-oriented are analyzed. Several “recent” programming languages are used.
- Relational Database Management – Professor Lois Delcambre – Definition and nature of parallel computation. Parallel computation from the point of view of hardware/architecture, program/scheduling, and algorithms. Why and how parallel computation is different from serial computation. Examples to highlight the differences. Parallel algorithms in general: illustration of the most important features and techniques. Illustration of the limitations. A survey of major results, general form of results, and limitations on speed-up.
- Special Topics in Networking – Professor Suresh Singh – This course surveyed a wide variety of published modern academic and industry papers covering topics of Internet security, measurement, anomalies, broadband and wireless technologies.
- Theory of Computation – Computability theory: study of models of computation (Turing, Church, Kleene), recursive function theory, properties of recursive, and recursively innumerable sets.
- Wireless Network Concepts – Professor Suresh Singh – Students will be introduced to emerging wireless networks with particular emphasis on protocol analysis. Using probabilistic and simulation techniques, the performance of protocols such as ALOHA, CSMA, and 802.11 will be studied. In addition, challenges related to multi-hop wireless networks will also be studied in some detail. The impact of wireless channels on higher layer protocols such as TCP will be described and proposed solutions discussed. Issues relating to the use of adaptive antenna arrays and directional antennas in wireless networks will be studied in some depth.
eWheeler, Inc. operates dba Global Linux Security for national and international customers, and dba Portland Linux Support for local support in Portland Oregon, who sometimes prefer on-site service.