Using Amazon Web Services in Teaching

[ This is a reposting of my teaching blog post previously hosted on http://users.ox.ac.uk/~coml0454.
NOTE: I no longer teach at University of Oxford and this is a description of how I used to teach the course.]

Summary

In this post I describe the decisions points I have been through as I have introduced AWS-based teaching resources into the course I teach. The post gives a high-level overview of the steps I took to identify, create and distribute the AWS-based teaching resources for use in my course.

Background

I teach the forensics (FOR) module on the Software and Systems Security programme. The week long module includes a number of classroom exercises associated with the extraction and analysis of computer system artifacts. The assignments may also involve the extraction and analysis of computer system artifacts. To encourage understanding of the extraction and analysis process the exercises use Linux and Sleuthkit utilities run from the command line. Linux and Sleuthkit have been chosen as there are no licensing issues associated with their distribution.

Introduction

In designing a course and creating AWS-based teaching resources there are a number of decisions that the teacher will have to make. The decisions fall into two broad categories:

1. The architecture used for the AWS environment;
2. Identification, creation and distribution of the AWS-based teaching resources.

Choosing An AWS Environment and Identity & Access Management Architecture

As discussed above, the course I teach has one week of classroom-based contact time with a mixture of lecture and exercise-based materials used to deliver the teaching. In the following six week period the students undertake an assignment away from the university. I have attempted to design the course so that the students are able to take material with them when they leave the class. For example:

1. The exercise handouts to encourage the student to record the commands that they have used in solving a problem. That way the student has a reference to use as they work on their assignment;
2. The students are able to take copies of the data used in the exercises with them to continue experimentation outside of the classroom.

In light of this, a requirement for my AWS environment is to ensure that the students have access to any material they used and content they created outside of the classroom to enable further experimentation. AWS publish a good white paper entitled “Setting Up Multiuser Environments in the AWS Cloud (for Classroom Training and Research)” here. The white paper discusses the structure of a number of potential AWS environments.

For my course I chose “Scenario 3: Separate AWS Account for Each User”. This environment allows me to create and manage my AWS-based teaching resources in my own account. The students can use a personal AWS account that they already have or create a new AWS accounts. I can either share my AWS-based teaching resources with the students privately via their AWS account ID or by making my resources available publicly in the AWS Marketplace. This environment allows the students to continue using the resources outside the classroom after the week long teaching period has finished without any involvement on my part.

Identifying, Creating and Publishing Amazon Web Services-based Teaching Resources

As with any educational course design, the selection of teaching resources is a trade-off between a number of factors in order to find a solution that allows you to educate and demonstrate one or more concepts. I want to introduce the students to cloud-based solutions as that may be something they have to investigate. At the same time I want to show them how cloud features such as elasticity can benefit forensic analysis. Important factors in my choice of a teaching resource include:

1. Contact time is valuable on any course and so each resource must be flexible enough to demonstrate multiple concepts simultaneously while still allowing the students to explore;
2. The ability to run sophisticated software immediately without having the students waste time setting up the software;
3. Preload large data sets so that the students are able to use them immediately to solve the problems without waiting to copy the data into place;
4. The creation of teaching resources without the need to access classroom-based facilities. At the same time I need to have a high degree of confidence that the teaching resources will work when used in the classroom;
5. Demonstration of good practices. For example, an underlying theme through the course is to conduct forensic analysis in a repeatable and structured manner to demonstrate good practice.

The trade-off for me is the balance between:

1. The ability to provide an environment preloaded with the tools and datasets that the students can reliably take with them after they leave the classroom;
2. The account creation and management overhead;
3. The need to introduce the students to a new ecosystem.

To fully explore the trade-off and to be able to use the AWS-based teaching resources in my course I went through the following steps:

1. Identification of topics and teaching material that can leverage AWS-based resources;
2. Creation of AWS-based teaching resources;
3. Conversion / development of teaching materials to use the AWS-based teaching resources;
4. Testing AWS-based teaching resources;
5. Publishing AWS-based teaching resources.

Identification of Topics That Can Leverage AWS-based Resources

AWS-based teaching resources have the potential of supporting the exercises that the students undertake on my course. In addition they offer the potential of demonstrating techniques that would not be possible simply using the classroom-based resources. I have identified a number of exercises that use the Sleuthkit utilities that can benefit from the elasticity offered by the cloud - preloaded large data sets and the ability to access large storage capacities and powerful processing resources. In addition, the AWS resources offer the capability to prepackage demonstrations of techniques that would not be possible using my own or the classroom-based resources.

Creation of AWS-based Teaching Resources

In creating the AWS-based resources I have been able to build on my experience in creating prepackaged virtual machines (VM) for use on the classroom and student’s personal computers. The AWS-based solution allows the various data sets to be built into the solution whereas the VM-based solution required distribution of multiple DVDs to the students with the VM plus the associated data.

In addition, the creation of the AWS-based resources allows the introduction of secondary themes and topics. A case in point is the Linux filesystem structure. Typically a forensics analysis involves an understanding of filesystems. The Linux directory tree has a formal structure, which is discussed here. My VMs use mount points for the data sets under /mnt as they are linking to external volumes whereas the AWS-based instances have the data pre-installed under ~/ as the data is in the volume. This subtle change gives the students an insight into the file system structure while at the same time presenting the topic in the context for forensic analysis.

Conversion / Development of Teaching Materials to Use the AWS-based Teaching Resources

Simply developing the teaching resources to use AWS capabilities is not likely to be the only impact on the course. In my case the teaching materials, such as instructions and model solutions need to be converted for use with the AWS-based teaching resources.

In addition to creating resources for the students that support the teaching, resources also need to be created that explain how the students will gain access to the AWS environment you have chosen. In my case this will require the students creating an AWS account, if they do not have a personal account available already. This material will also have to explain how the students should manage their identities, credentials and keys.

Test AWS-based Resources

Once the teaching resources and materials have been developed they should be tested. In my case this has involved creating a “student” account and going through the exercises to verify that they run correctly under the intended usage scenario. The test account is not simply an additional IAM user within my main account but a completely separate account with its own IAM user to represent the account a student would have.

In addition to the functional testing of the resources I have tested the resources in the AWS region that they will be used in. The testing needs to ensure that I have copied the resources to the appropriate region and that the resources are accessible in that region and function as intended.

Publish AWS-based Teaching Resources

Once the AWS-based teaching resources have been tested they need to be published. In my case I shall be using the AWS Marketplace as well as private sharing to make the teaching resources available to the students. In addition to considering the public and private permissions associated with publishing the resources it may be necessary to consider other factors such as the AWS regions you want the material to be readily able in. For example, as I live in the USA but teach in the UK, my resources are developed in my local AWS Region but will be used by the students in the EU-West region. Therefore I need to make the resources available in the EU-West region and publish them from there. The testing needs to ensure that these publishing methods work correctly.

Additional Posts

I have written additional posts that give more detail on the different aspects associated with using the AWS environment for my particular course. In the Using Amazon Web Services in Teaching post I give an overview of the AWS environment I created for my course, shown in the figure below.

1. In Setting Up Sleuthkit and Autopsy on an AWS EC2 Instance I describe how I create a master EC2 instance that holds the software and data for the exercises.
2. In Creating an AMI for Classroom Use I outline how I created an AMI for sharing with the students.
3. The instructions Creating and Accessing the FOR2014 EC2 Instance for the FOR Course detail how the students should create an EC2 instance from the AMI.
4. The instructions Accessing Autopsy v2 on the FOR2014 EC2 Instance detail how to configure Autopsy on the FOR2014 EC2 instance for access from the student’s local computer.