skip to main content
10.1145/1940941.1940950acmotherconferencesArticle/Chapter ViewAbstractPublication PagesinfoseccdConference Proceedingsconference-collections
research-article

Risk assessment of voting systems for teaching the art of information security

Published: 01 October 2010 Publication History

Abstract

This paper describes case study assignment in risk assessment for a course in information security management. The instructor's approach in the course was to integrate various readings through discussion and assignments. The assignment described in this paper was based on an actual project and used in an information security management course taught in Summer 2010. Readers will benefit from the instructor's description of this assignment, which teaches the art of information security management by creating a hybrid risk assessment process that provides a practical, reusable, scholarly, and realistic exercise. The assignment proved to be a useful, hands-on practice that students were able to satisfactorily complete.

References

[1]
Chen, L., Longstaff, T. A., and Carley, K. M. 2006. The provision of defenses against internet-based attacks. In Whitman and Mattord, Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA, 105--119.
[2]
Dark, M. A. 2006. Security education, training and awareness from a human performance technology point of view. In Whitman and Mattord, Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA, 86--104.
[3]
Halpert, B. J. 2006. Mobile device security management. In Whitman and Mattord, Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA, 2--7.
[4]
HAVA. 2002. Help America Vote Act of 2002. Public Law 107--252, 107th Congress, USA. DOI= http://www.fec.gov/hava/hava.htm.
[5]
Jefferson, D., Rubin, A. D., Simons, B., and Wagner, D. 2004. A security analysis of the secure, electronic registration and voting experiment (SERVE). U.S. Department of Defense: Federal Voting Assistance Program.
[6]
Jones, Doug W. 2005. Threats to voting systems. NIST Workshop on Threats to Voting Systems (Gaithersburg, MD, October 7, 2005). DOI=http://www.cs.uiowa.edu/~jones/voting/nist2005.shtml.
[7]
Lunt, B. M., et al. 2008. Information Technology 2008 Curriculum Guidelines for Undergraduate Degree Programs in Information Technology. Association for Computing Machinery (ACM), IEEE Computer Society (November 2008). DOI=http://www.acm.org/education/curricula/IT2008%20Curriculum.pdf/view.
[8]
Pipkin, D. L. 2006. Linking business objectives and security directives. In Whitman and Mattord, Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA, 8--16.
[9]
Stoneburner, G., Goguen, A. and Feringa, A. 2002. Risk management guide for information technology systems: Recommendations of the National Institute of Standards and Technology. Gaithersburg, Md: U.S. Dept. of Commerce, National Institute of Standards and Technology. DOI=http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf.
[10]
Whitman, M. 2003. Enemy at the gates: threats to information security," Communications of the ACM. 46, 8, (August 2003), 91--96.
[11]
Whitman, M. E. and Mattord, H. J. 2006a. Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA.
[12]
Whitman, M. E. and Mattord, H. J. 2006b. Zen and the art of information systems security---a philosophical, spiritual, and mystical approach to protecting information. In Whitman and Mattord, Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA, 33--44.

Index Terms

  1. Risk assessment of voting systems for teaching the art of information security

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    InfoSecCD '10: 2010 Information Security Curriculum Development Conference
    October 2010
    187 pages
    ISBN:9781450302029
    DOI:10.1145/1940941
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    • KSU - CISE: KSU Center for InfoSec Education
    • ISSA: The Metro Atlanta Information Systems Security Association

    In-Cooperation

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 01 October 2010

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. information security education
    2. risk assessment
    3. threats
    4. voting system security
    5. vulnerabilities

    Qualifiers

    • Research-article

    Conference

    InfoSecCD '10
    Sponsor:
    • KSU - CISE
    • ISSA

    Acceptance Rates

    Overall Acceptance Rate 18 of 23 submissions, 78%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • 0
      Total Citations
    • 287
      Total Downloads
    • Downloads (Last 12 months)11
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 11 Feb 2025

    Other Metrics

    Citations

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media