A Comprehensive Undergraduate Information Assurance Program

Conti, Gregory; Hill, John M.; Lathrop, Scott D.; Alford, Kenneth L.; Ragsdale, Daniel

doi:10.1007/978-0-387-35694-5_23

Cited by 12 publications

(8 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This program encompasses six core modules: The courses "Fundamentals of Security Engineering", "Risk Analysis / Certification and Accreditation", "Applied Computer Cryptography", "Legal Impacts of Computer Security Solutions", "Applied Network Security", and a module "Security Engineering Internship". Much of the same course topics are also present in the undergraduate information assurance program at ITOC, United States Military Academy, West Point as described in Conti et al [7] and in other CoE accredited undergraduate programs in the U.S. However, Conti et al also describes to importance of information security integration throughout the curriculum, which cannot be constrained solely to specialized courses.…”

Section: Academic Levelsmentioning

confidence: 94%

Full-spectrum information security education

Hjelmås

Wolthusen

2006

Proceedings of the 3rd Annual Conference on Information Security Curriculum Development

View full text Add to dashboard Cite

In this paper, we describe the content and rationale of a comprehensive information security program encompassing degree options at the B.Sc., M.Sc., and Ph.D. levels established at Gjøvik University College, Norway. While the individual programs are open for students meeting certain formal prerequisites at each level, the sequence of degree programs is also designed in such a way as to allow students to progress from B.Sc. to Ph.D. levels without undue overlap or repetition. This is accomplished by placing different emphases on the teaching and learning tools and techniques used, moving on to higher levels in Bloom's hierarchy in the process. At the same time, the different degrees also take into account the career progression and concomitant changes in the needs of students. We describe these considerations along with a brief description of courses offered at each level, along with a description of the learning environments at each level.

show abstract

Section: Academic Levelsmentioning

confidence: 94%

Full-spectrum information security education

Hjelmås

Wolthusen

2006

Proceedings of the 3rd Annual Conference on Information Security Curriculum Development

View full text Add to dashboard Cite

show abstract

“…The reading list for Massachusetts Institute of Technology's open courseware includes papers on Usable Security. In a comprehensive undergraduate information assurance program described in [17], student teams from undergraduate institutions set up networks and try to secure them from attacks conducted by a team from the National Security Agency and the 1 st Information Operations Command. While students learn about protecting national infrastructure from realistic attacks, the program could be augmented to include possible attacks against civilian systems by exploiting human factors.…”

Section: Usable Security In Coursesmentioning

confidence: 99%

A method for incorporating usable security into computer security courses

George

Klems

Valeva

2013

Proceeding of the 44th ACM Technical Symposium on Computer Science Education

View full text Add to dashboard Cite

Since human factor security exploits are on the rise, ensuring Usable Security has become extremely important for the overall security of computer systems. However, traditional undergraduate computer security curriculum focuses heavily on technical aspects of security and generally ignores Usable Security. To address this problem, we developed a new 3P Learning Method that encourages students to view security problems from three different perspectives (i.e. 3P), namely: Defense, Offense, and Use. The 3P Method lets us incorporate Usable Security into the existing curriculum and helps students to consider Usable Security as an integral part of secure system design rather than an optional add-on.

show abstract

“…The fact that we don't understand how security arises from users' interactions with systems is a major problem. 9 Part of this gap arises from issues in measurement and focus. Traditionally, the CS and CE approaches to information assurance have been concerned with verifying system requirements.…”

Section: Top Problems In Information Securitymentioning

confidence: 99%