research-article

Is teaching with security in mind working?

Authors:
Svetlana Peltsverger

Southern Polytechnic State University

Southern Polytechnic State University
View Profile

,
Orlando Karam

Department of Computer Science and Software Engineering

Department of Computer Science and Software Engineering
View Profile

InfoSecCD '10: 2010 Information Security Curriculum Development ConferenceOctober 2010Pages 15–20https://doi.org/10.1145/1940941.1940946

Published:01 October 2010Publication History

InfoSecCD '10: 2010 Information Security Curriculum Development Conference

Pages 15–20

ABSTRACT

Security topics have been taught for some time at universities. The most common approach has been to teach a required topic, and then introduce a security module later in the course. We have been promoting the notion of teaching security at the same time as main course's material. We found that this helps students to accept the idea of writing secure code at an early stage and encourages them to focus on the security issues before they start coding. We proposed teaching secure practices as the default model presented to the students, facilitating the adoption of those practices. Over a period of one year we promoted the concept among our colleagues both in our school and at teaching conferences. This paper is a report that shows where we are one year after of implementation of Teaching with Security in Mind.

References

Carrier-Sensitive Routing User Guide http://www.cisco.com/en/US/products/sw/voicesw/ps4371/products_user_guide_book09186a00801e88f0.htmlGoogle Scholar
Cenzic: Web Application Security Trends Report, Q1-Q2, 2009 http://www.cenzic.com/downloads/Cenzic_AppSecTrends_Q1-Q2-2009.pdfGoogle Scholar
Bandhakavi, S., Bisht, P., Madhusudan, P., Venkatakrishnan, V. "CANDID: Preventing SQL Injection Attacks Using Dynamic Candidate Evaluations," In Proceedings of ACM Conference on Computer and Communications Security 2007. pp 12--24 Google ScholarDigital Library
Walden, J. "Integrating Web Application Security into the IT Curriculum," In Proceedings of the 9th ACM SIGITE conference on Information technology education. pp 187--192 Google ScholarDigital Library
Guimaraes, M., Murray, M. "Using animation courseware in the teaching of database security," In proceedings of SIGITE 2007. pp 253--258 Google ScholarDigital Library
Google Code Search http://www.google.com/codesearchGoogle Scholar
Boyarsky, J. Batching Select Statements in JDBC http://www.javaranch.com/journal/200510/Journal200510.jsp#a2Google Scholar

Index Terms

Is teaching with security in mind working?
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime
  2. Professional topics
    1. Computing education
      1. Computing education programs
        Computer science education
        Information science education

Recommendations

Teaching with security in mind
ACM-SE 47: Proceedings of the 47th Annual Southeast Regional Conference

Security topics have been taught for some time at universities. The most common approach has been to teach a required topic, and then introduce a security module later in the course. We are promoting the notion of teaching security at the same time as ...
Read More
Teaching information systems security courses: A hands-on approach

It has become imperative for companies, governments, and organizations to understand how to guard against hackers, outsiders, and even disgruntled employees who threaten their information security, integrity and daily business operations. To address ...
Read More
Design of a computer security teaching and research laboratory (abstract only)
SIGCSE '12: Proceedings of the 43rd ACM technical symposium on Computer Science Education

To enhance the learning process a certain amount of hands-on experience is desirable to supplement the theory portion of computer security-related courses. This includes courses in information assurance, database security, computer security and computer ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
InfoSecCD '10: 2010 Information Security Curriculum Development Conference
October 2010
187 pages
ISBN:9781450302029
DOI:10.1145/1940941
Conference Chairs:
Mike Whitman,
Herb Mattord
Copyright © 2010 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 October 2010
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
SQL injection
computer security
security and protection
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate18of23submissions,78%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 5
  Total Citations
  View Citations
- 165
  Total Downloads
- Downloads (Last 12 months)2
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Is teaching with security in mind working?

InfoSecCD '10: 2010 Information Security Curriculum Development Conference

ABSTRACT

References

Cited By

Index Terms

Recommendations

Teaching with security in mind

Teaching information systems security courses: A hands-on approach

Design of a computer security teaching and research laboratory (abstract only)