The Social and Behavioral Sciences programs are designed for people with a passion for making a difference in the lives of others.
Whether you are on your way up the corporate ladder or just getting started, our business degree programs and certificates could help you prepare to take your business career to a higher level.
Whether you want to enter the field of criminal justice or need credentials to advance your career, Kaplan University's criminal justice degree programs are designed to help you achieve your goal.
Our degree programs and certificates could help prepare you to teach diverse learners a broad range of academic content and educational foundations.
Our comprehensive fire science programs offer the flexibility of online learning, ideal for individuals in the fire science and emergency management fields who may work inconsistent hours.
You could acquire real-world knowledge and practical skills and prepare for a career in the health care industry by earning a health sciences degree, diploma, or certificate.
Our programs in legal studies, paralegal studies, and environmental policy are designed to fit your educational goals.
Our nursing degree and certificate programs are taught by practicing professionals who are dedicated to helping you prepare for real-world challenges in nursing.
Kaplan University's IT programs are designed to prepare you with the knowledge and skills you need to start or advance your technology career.
Kaplan University offers over 180 degree and certificate programs all available to military, veterans, and spouses of active duty members. In addition, several programs have been developed to complement specific military occupations or programs established by the military.
The Kaplan University School of General Education courses support the academic, social, personal, and professional development of learners throughout their engagement with the University.
Open College at Kaplan University (OC@KU) offers individualized, affordable education that integrates technology and personalized service to help learners meet their career, academic, and personal goals.
Offering the flexibility of online education and support for military students.
Every day, talented individuals are proving it's never too late to think about the future.
Learn more about becoming an international student at US-based and accredited Kaplan University.
Learn about transferring your previously earned college credits to Kaplan University.
We have partnered with many employers and educational institutions to provide their employees and students with education opportunities.
Corporate and Academic Partners
Kaplan University is dedicated to the support, engagement, and involvement of our graduates.
Resources for current Kaplan University students.
We have 15 ground locations across the country. Explore our locations to see if we're in your neighborhood.
Learning Center Experience
By Rhonda Chicone, School of Business and Information Technology
No one can dispute that software is everywhere; just pick up
your smartphone and take a look at the applications you have
installed. Some reports suggest that by 2017, there will be more smartphones in
the world than people. Yet smartphones are old news. These days we’re hearing a
lot about the “Internet of Things” (IoT),
which includes embedded software systems that control wearables (a Fitbit or
Apple Watch, for example), software that controls machines that talk to other machines,
and smart sensors that are making household environments intelligent and
responsive. The smartphone and IoT widgets are great, and software is what
makes them come alive. The demand for highly skilled software developers will
continue to rise, as software will be in virtually everything as we move
forward as a society; it can’t be stopped. Our world is now connected and
technology has been integrated into our lives.
Go back to your smartphone. Do you happen to have a banking
application on it? If not, let us imagine you do. Imagine a scenario where the
banking application has a flaw (otherwise known as a bug) that is not detected
by the end user (you). In cybersecurity terms, there are certain types of bugs that
expose a software application weakness or vulnerability.
These types of software vulnerabilities are typically caused by the software developer
doing something wrong when he or she is coding the software application. Certain
types of software vulnerabilities can cause major harm. People are targeted
every single day. For example, ZeuS, a well-known banking malware (malicious
software), was originally discovered in 2007 and targeted Microsoft Windows–based
computers. Several variants have appeared since then, including Zitmo, which takes
aim at mobile users (Maslennikov, 2011).
Let us get back to your banking software application. Cybercriminals
love software applications that have weaknesses or vulnerabilities. They are
motivated to take advantage or exploit
the vulnerabilities and to cause harm. Here is an example: a cybercriminal
tricks your smartphone into thinking it is communicating with a trusted company’s
server or computer; the trusted server thinks it is communicating with you. Instead,
the cybercriminal sits between you and your bank and eavesdrops on your network
traffic. You wouldn’t know the cybercriminal was monitoring your transactions until
it is too late. In the cybersecurity domain this is called a man-in-the-middle attack (MITM).
Those of you who are technically savvy may be saying, “What about
SSL or TLS?” Secure Sockets Layer (SSL) and Transport Security Layer (TLS) are cryptographic
software protocols that secure information traveling over a computer network
(remember the Internet is a gigantic network of computers). To use SSL/ TLS correctly,
organizations (or individuals) purchase a certificate
from a Certificate Authority (CA). In this example, your bank would purchase
the SSL/TLS certificate from a CA, and it would be installed and configured on
your bank’s web server (the web server is a software application that resides
on a physical server/computer). When you browse to a website and ‘https’ is
used in the web address (https://www.myfavbank.com)
(or you see the little lock icon) the “s” means that your bank uses SSL/TLS. Popular
browsers like Chrome, Firefox, Safari, Internet Explorer, etc., are software
applications that use SSL/TLS certificates correctly.
One of the first steps in
using SSL/TLS correctly is to validate the certificate to be sure that the CA
digitally signed it, as that means it can be trusted. The banking software
application that you have been using on your smartphone also uses only trusted certificates in a similar way to
your web browser. Now imagine if the certificate was not validated correctly in
the banking software application. This would mean your banking information (username,
password) is traveling over the Internet unprotected.
such as not validating a good certificate or trusting a bad certificate, could be
caused by poor software development or software testing procedures. In 2014, a cybersecurity
researcher at the Software Engineering Institute’s CERT Coordination Center
(CERT/CC) created an open source tool (a set of existing software applications packaged
together and made available to the public) to help detect MITM vulnerabilities
like the one in the banking software application example. The researcher
automated the software system and tested 1 million applications and found
23,000+ Android software applications didn’t validate the SSL/TLS certificate correctly
Software is everywhere; we live in an interconnected world. It
is important that software developers adopt a security-first mindset. Secure software development practices existed long before we had the World Wide Web, the smartphone, and the IoT.
the way these practices were forgotten in favor of profitability, "release
early, release often" philosophy, a “good enough” attitude, a new generation of developers
slapping code on existing frameworks they don’t understand, exponential growth
of computing power, outsourcing, etc. There are too many reasons to list. However,
in the banking software application example, I argue that if the software developer simply used basic error checking techniques, the vulnerability would not
exist to be exploited by a cybercriminal. If these types of vulnerabilities were
reduced, then cybercrime could be reduced as well. So, are software developers the
Achilles’ heel in the cybersecurity domain? I’ll leave that up to you to answer.
Dormann, W. (2015, August 21). Announcing CERT Tapioca for MITM Analysis.
Message posted to http://www.cert.org/blogs/certcc/post.cfm?EntryID=203
Maslennikov, D. (2011). ZeuS-in-the-Mobile – Facts and
Theories. Retrieved from https://securelist.com/analysis/publications/36424/zeus-in-the-mobile-facts-and-theories/
KU Facebook Page
KU Twitter Page
KU YouTube Channel
KU Google+ Page
KU LinkedIn Page
KU Pinterest Page
KU Instagram Page
Registered User Login
Student Consumer Information
LEARNING AT KAPLAN UNIVERSITY