Using pre-release software to SPUR student learning
Pages 143 - 148
Abstract
ACM President David A. Patterson's recent "manifesto" calls on IT and computer professionals to focus their attention on the neglected areas of security, privacy, usability, and reliability (SPUR). We report on a recent classroom exercise designed to increase students' awareness of and engage their interest in addressing SPUR concerns.IT students at George Mason University, as part of their senior design project course, were given the opportunity to perform hands-on testing of pre-release security software being developed by Hewlett-Packard Laboratories. Over two class sessions, forty students were tasked with testing a research prototype application designed to limit harm from malicious code. Results from this experience suggest that hands-on access to pre-release software can provide an effective vehicle for enhancing student understanding of the challenges of meeting the interlocking goals of security, privacy, usability, and reliability. The faculty observers noted additional beneficial side-effects of this exercise. Working through bugs, designing experiments to test ideas, and analyzing the interface served as a whetstone to sharpen students' trouble shooting skills and critical thinking abilities.We conclude that IT undergraduate programs should consider the incorporation of a hands-on software evaluation module that stresses the principles of the SPUR manifesto. Such a module can make use of open source software where commercial pre-release software is not available. This could be incorporated into a projects class, human-computer interaction class, or software development class as appropriate to a particular program.
References
[1]
Karp, A. H. "Enforce POLA on Processes to Control Viruses," Communications of the ACM, 46:12 December 2003.
[2]
Marchant, A., E.H. Sibley and H.T. Daughtrey, Jr., "Building Undergraduate Security Curriculum," ASEE Proceedings, 6/22/04.
[3]
Miller, M.S., B. Tulloh and J.S. Shapiro, "The Structure of Authority: Why security is not a separable concern," Multiparadigm Programming in Mozart/OZ: Second International Conference, Springer-Verlag LNCS 3389, 2005.
[4]
Patterson, D.A. "20th Century vs. 21st Century C&C: The SPUR Manifesto," Communications of the ACM, 48:3, March 2005.
[5]
Saltzer, J. J. and M. D. Schroeder, "The Protection of Information in Computer Systems," Proceedings of the IEEE 63(9), September 1975, p. 1278--1308.
[6]
Stiegler, M., A.H. Karp, K.P. Yee, and M.S. Miller, "Polaris: Toward Virus Safe Computing for Windows XP," HP Labs Technical Report, HPL-2004-221, 2004.
[7]
Whittaker, J. A. How to Break Software: A Practical Guide to Testing, Boston: Addison-Wesley, 2003.
[8]
Whittaker, J.A. and H. H. Thompson, How to Break Software Security: Effective Techniques for Security Testing, Boston: Addison-Wesley, 2004.
[9]
Yee, K.P. "Aligning Usability and Security," IEEE Security & Privacy, Sep 2004, 48--55.
Index Terms
- Using pre-release software to SPUR student learning
Recommendations
From a technology graduate to a competent IT teacher
Information Technology (IT) has become pervasive in our society and it is playing an increasingly important role in education. There is a growing expectation that teachers will be able to make effective use of IT in all facets of their work in schools. ...
Developing an IT curriculum for the small, liberal arts college environment
CITC5 '04: Proceedings of the 5th conference on Information technology educationThis paper presents the process that was followed to develop an Information Technology (IT) curriculum for a small, liberal arts college. The development of such a curriculum presented its own unique challenges that had to be addressed. The vast ...
Defining the information technology workforce from the educational perspectives: a pilot study
CITC5 '04: Proceedings of the 5th conference on Information technology educationThis paper reports the results of a pilot for a study that will investigate the scope of work practices performed by the information technology workforce (ITWF) and utilize the understanding developed from this investigation to inform the implementation ...
Comments
Information & Contributors
Information
Published In
Copyright © 2005 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 20 October 2005
Check for updates
Author Tags
Qualifiers
- Article
Conference
SIGITE05: ACM Special Interest Group for Information Technology Education Conference 2005
October 20 - 22, 2005
NJ, Newark, USA
Acceptance Rates
Overall Acceptance Rate 176 of 429 submissions, 41%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 202Total Downloads
- Downloads (Last 12 months)1
- Downloads (Last 6 weeks)0
Reflects downloads up to 08 Mar 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in