skip to main content
10.1145/1121341.1121348acmconferencesArticle/Chapter ViewAbstractPublication PagessigcseConference Proceedingsconference-collections
Article

Teaching a web security course to practice information assurance

Published: 03 March 2006 Publication History

Abstract

This paper presents a hybrid teaching approach, a new Web Security course as well as how to use the hybrid approach to teach the Web Security course to practice information assurance. The hybrid teaching approach contains three key issues that are keeping the lecture materials up-to-date, assigning former research projects as comprehensive team projects, and connecting classroom knowledge with real world web applications. We have applied this approach to the teaching a Web Security course and achieved excellent results. Our experience exhibits that integrating education, research and web applications into the Web Security course to practice information assurance are essential for a sound security education. Using this approach instructors connect knowledge in the classroom to real world applications, attract students to the security area, and train students to become information assurance professionals.

References

[1]
Bishop, M. Introduction to Computer Security. Addison Wesley, 2005.
[2]
Rao, G.S.V.R.K. Threats and security of Web services - a theoretical short study. In Proceedings of IEEE International Symposium Communications and Information Technology, 2004, 783--786.
[3]
Rolf, O. Security Technologies for the World Wide Web. Artech House, 2002.
[4]
Rubin, A. D. and Geer, D. E. A Survey of Web Security. Computer, Vol. 31, Issue 9, 1998, 34--41.
[5]
Rutschman, D., Yu, H., Emmanuel, N. and Wang, L. WebGISRCI: A Web-based GIS Road Closure Information System. In Proceedings of the Int. Conf. on Information and Knowledge Sharing, November 2002, 167--172.
[6]
Scott, D. and Sharp, R. Developing Secure Web Applications. IEEE Internet Computing, Volume: 6, Issue: 6, Nov.-Dec. 2002, 38--45.
[7]
Scott, D. and Sharp, R. Specifying and Enforcing Application-Level Web Security Policies. IEEE Transactions on Knowledge and Data Engineering, Vol. 15, No. 4, July 2003, 771--783.
[8]
Stallings, W. Cryptography and Network Security Principles and Practice. Prentice Hall, 2003.
[9]
Steele, G. and Stojkovic, V. An Information System Security Course for the Undergraduate Information Systems Curriculum. Information Systems Education Journal, Vol. 2, No. 3, 2004, 3--14.
[10]
Striletchi, C. and Vaida, M. F. Enhancing the Security of Web Applications. In Proceedings of the 25th International Conference on Information Technology Interfaces, June 2003, 463--468.
[11]
Yu, H., Zhang, J., Wang, L. and Barksdale, J. A Secure Web Application: 3D Visualization and Collaboration. In Proceedings of The 2nd IASTED International Conference on Communication, Internet, and Information Technology, November 2003, 13--18.
[12]
Zhou, B. An Integrated Web Security System. In Proceedings of 14th International Workshop on Database and Expert Systems Applications, September 2003, 204--208.

Cited By

View all
  • (2024)Advanced Network and System Security TeachingElectronics10.3390/electronics1401000314:1(3)Online publication date: 24-Dec-2024
  • (2021)Incorporating active learning activities to the design and development of an undergraduate software and web security courseJournal of Computers in Education10.1007/s40692-021-00194-9Online publication date: 16-Jun-2021
  • (2007)Bridge Information Assurance Education Gap between the Majority and Minority Universities through Collaboration6th IEEE/ACIS International Conference on Computer and Information Science (ICIS 2007)10.1109/ICIS.2007.70(1030-1035)Online publication date: Jul-2007
  • Show More Cited By

Index Terms

  1. Teaching a web security course to practice information assurance

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    SIGCSE '06: Proceedings of the 37th SIGCSE technical symposium on Computer science education
    March 2006
    612 pages
    ISBN:1595932593
    DOI:10.1145/1121341
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 03 March 2006

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. hybrid teaching approach
    2. information assurance education
    3. web security

    Qualifiers

    • Article

    Conference

    SIGCSE06
    Sponsor:

    Acceptance Rates

    Overall Acceptance Rate 1,595 of 4,542 submissions, 35%

    Upcoming Conference

    SIGCSE TS 2025
    The 56th ACM Technical Symposium on Computer Science Education
    February 26 - March 1, 2025
    Pittsburgh , PA , USA

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)3
    • Downloads (Last 6 weeks)1
    Reflects downloads up to 25 Jan 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)Advanced Network and System Security TeachingElectronics10.3390/electronics1401000314:1(3)Online publication date: 24-Dec-2024
    • (2021)Incorporating active learning activities to the design and development of an undergraduate software and web security courseJournal of Computers in Education10.1007/s40692-021-00194-9Online publication date: 16-Jun-2021
    • (2007)Bridge Information Assurance Education Gap between the Majority and Minority Universities through Collaboration6th IEEE/ACIS International Conference on Computer and Information Science (ICIS 2007)10.1109/ICIS.2007.70(1030-1035)Online publication date: Jul-2007
    • (2007)Teaching IT in Health Care and Nursing Program--ExperiencesProceedings of the Twentieth IEEE International Symposium on Computer-Based Medical Systems10.1109/CBMS.2007.106(349-356)Online publication date: 20-Jun-2007
    • (2007)Teaching of Information Security in the “Health Care and Nursing” Postgraduate programNew Approaches for Security, Privacy and Trust in Complex Environments10.1007/978-0-387-72367-9_44(479-484)Online publication date: 2007
    • (2021)Incorporating active learning activities to the design and development of an undergraduate software and web security courseJournal of Computers in Education10.1007/s40692-021-00194-9Online publication date: 16-Jun-2021
    • (2009)Medical Personal Data in Secure Information SystemsInformation Systems: Modeling, Development, and Integration10.1007/978-3-642-01112-2_35(340-345)Online publication date: 2009

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media