research-article

Risk assessment of voting systems for teaching the art of information security

Author:
Jeffrey P. Landry

University of South Alabama, Mobile, AL

University of South Alabama, Mobile, AL
View Profile

InfoSecCD '10: 2010 Information Security Curriculum Development ConferenceOctober 2010Pages 36–39https://doi.org/10.1145/1940941.1940950

Published:01 October 2010Publication History

InfoSecCD '10: 2010 Information Security Curriculum Development Conference

Pages 36–39

ABSTRACT

This paper describes case study assignment in risk assessment for a course in information security management. The instructor's approach in the course was to integrate various readings through discussion and assignments. The assignment described in this paper was based on an actual project and used in an information security management course taught in Summer 2010. Readers will benefit from the instructor's description of this assignment, which teaches the art of information security management by creating a hybrid risk assessment process that provides a practical, reusable, scholarly, and realistic exercise. The assignment proved to be a useful, hands-on practice that students were able to satisfactorily complete.

References

Chen, L., Longstaff, T. A., and Carley, K. M. 2006. The provision of defenses against internet-based attacks. In Whitman and Mattord, Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA, 105--119.Google Scholar
Dark, M. A. 2006. Security education, training and awareness from a human performance technology point of view. In Whitman and Mattord, Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA, 86--104.Google Scholar
Halpert, B. J. 2006. Mobile device security management. In Whitman and Mattord, Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA, 2--7.Google Scholar
HAVA. 2002. Help America Vote Act of 2002. Public Law 107--252, 107th Congress, USA. DOI= http://www.fec.gov/hava/hava.htm.Google Scholar
Jefferson, D., Rubin, A. D., Simons, B., and Wagner, D. 2004. A security analysis of the secure, electronic registration and voting experiment (SERVE). U.S. Department of Defense: Federal Voting Assistance Program.Google Scholar
Jones, Doug W. 2005. Threats to voting systems. NIST Workshop on Threats to Voting Systems (Gaithersburg, MD, October 7, 2005). DOI=http://www.cs.uiowa.edu/~jones/voting/nist2005.shtml.Google Scholar
Lunt, B. M., et al. 2008. Information Technology 2008 Curriculum Guidelines for Undergraduate Degree Programs in Information Technology. Association for Computing Machinery (ACM), IEEE Computer Society (November 2008). DOI=http://www.acm.org/education/curricula/IT2008%20Curriculum.pdf/view.Google Scholar
Pipkin, D. L. 2006. Linking business objectives and security directives. In Whitman and Mattord, Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA, 8--16.Google Scholar
Stoneburner, G., Goguen, A. and Feringa, A. 2002. Risk management guide for information technology systems: Recommendations of the National Institute of Standards and Technology. Gaithersburg, Md: U.S. Dept. of Commerce, National Institute of Standards and Technology. DOI=http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf.Google Scholar
Whitman, M. 2003. Enemy at the gates: threats to information security," Communications of the ACM. 46, 8, (August 2003), 91--96. Google ScholarDigital Library
Whitman, M. E. and Mattord, H. J. 2006a. Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA.Google Scholar
Whitman, M. E. and Mattord, H. J. 2006b. Zen and the art of information systems security---a philosophical, spiritual, and mystical approach to protecting information. In Whitman and Mattord, Readings and Cases in the Management of Information Security, Thomson Course Technology, Boston, MA, 33--44.Google Scholar

Index Terms

Risk assessment of voting systems for teaching the art of information security
1. Social and professional topics
  1. Professional topics
    1. Computing education
      1. Computing education programs
        Information systems education

Recommendations

Assessing student performance outcomes in an information security risk assessment, service learning course
CITC5 '04: Proceedings of the 5th conference on Information technology education

This focus of this paper is on the assessment of student performance in an information security risk assessment, service learning course. The paper provides a brief overview of the information security risk assessment course as background information ...
Read More
Taxonomy of information security risk assessment (ISRA)

Information is a perennially significant business asset in all organizations. Therefore, it must be protected as any other valuable asset. This is the objective of information security, and an information security program provides this kind of ...
Read More
Information Security Risk Assessment Using Markov Models
ISECS '10: Proceedings of the 2010 Third International Symposium on Electronic Commerce and Security

Risk assessment is important in assessing the security states in information security. This paper proposed to use Markov models to assess the risk of information security. The simulation results were shown using different distributions.

Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
InfoSecCD '10: 2010 Information Security Curriculum Development Conference
October 2010
187 pages
ISBN:9781450302029
DOI:10.1145/1940941
Conference Chairs:
Mike Whitman,
Herb Mattord
Copyright © 2010 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 October 2010
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
information security education
risk assessment
threats
voting system security
vulnerabilities
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate18of23submissions,78%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 0
  Total Citations
  View Citations
- 277
  Total Downloads
- Downloads (Last 12 months)11
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
This publication has not been cited yet

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Risk assessment of voting systems for teaching the art of information security

InfoSecCD '10: 2010 Information Security Curriculum Development Conference

ABSTRACT

References

Cited By

Index Terms

Recommendations

Assessing student performance outcomes in an information security risk assessment, service learning course

Taxonomy of information security risk assessment (ISRA)

Information Security Risk Assessment Using Markov Models