Moving beyond security tracks

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Moving beyond security tracks: integrating security in cs0 and cs1

Full text

Pdf (279 KB)

Source

Technical Symposium on Computer Science Education archive
Proceedings of the 39th SIGCSE technical symposium on Computer science education table of contents

Portland, OR, USA

SESSION: Security table of contents

Pages 320-324

Year of Publication: 2008

ISBN:978-1-59593-799-5

Also published in ...

Authors

Blair Taylor	Towson University, Towson, MD, USA
Shiva Azadegan	Towson University, Towson, MD, USA

Sponsors

ACM: Association for Computing Machinery
SIGACCESS: ACM Special Interest Group on Accessible Computing
SIGCSE: ACM Special Interest Group on Computer Science Education

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): n/a, Downloads (12 Months): n/a, Citation Count: 1

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1352135.1352246 What is a DOI?

ABSTRACT

In response to the national computer security crisis, colleges and universities have developed security tracks and specialized security courses. While security tracks are effective at producing security experts, they only reach a small subset of students and occur after students have established a foundation of coding techniques. Most undergraduate computing students learn programming and design with little regard to security issues.

To complement our security track and reach all computing students at the beginning of their studies, we piloted security integration across sections of CS0 and CS1, using a series of security laboratory modules. Preliminary results show increased security knowledge in the security-targeted sections. This paper describes the details and results of this pilot, which serves as a model for further integration throughout the CS curriculum.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Azadegan, S., Lavine, M., O'Leary, M., Wijesinha, A. and M. Zimand. 2006. Undergraduate Computer Security Education: A Report on our Experiences & Learning. Proceedings of Seventh Workshop on Education in Computer Security, Monterey, CA.
	2	Matt Bishop , Deborah A. Frincke, Teaching Secure Programming, IEEE Security and Privacy, v.3 n.5, p.54-56, September 2005 [doi>10.1109/MSP.2005.133]
	3	Bishop, M. 2006. Teaching Assurance Using Checklists, Seventh Workshop on Education in Computer Security, Monterey, CA.
	4	CERT Coordination Center, 2007. http://www.cert.org/stats.
	5	Jim Davis , Melissa Dark, Teaching Students to Design Secure Systems, IEEE Security and Privacy, v.1 n.2, p.56-58, March 2003 [doi>10.1109/MSECP.2003.1193212]
	6	David P. Gilliam , Thomas L. Wolfe , Josef S. Sherif , Matt Bishop, Software Security Checklist for the Software Life Cycle, Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, p.243, June 09-11, 2003
	7	Mark G. Graff , Kenneth R. Van Wyk, Secure Coding: Principles and Practices, O'Reilly & Associates, Inc., Sebastopol, CA, 2003
	8	Greg Hoglund , Gary McGraw, Exploiting Software: How to Break Code, Pearson Higher Education, 2004
	9	Michael Howard , David Leblanc , Brian Valentine, Writing Secure Code, Microsoft Press, Redmond, WA, 2001
	10	Cynthia E. Irvine , Shiu-Kai Chin , Deborah Frincke, Integrating Security into the Curriculum, Computer, v.31 n.12, p.25-30, December 1998 [doi>10.1109/2.735847]
	11	Levin, I. and Lieberman, E., 2000. Developing Analytical and Synthetic Thinking in Technology Education, Proceedings of International Conference on Technology Education, Braunshweig, Germany.
	12	Perrone, L.F, Aburdene, M. and Meng, X.2005. Approaches to undergraduate instruction in computer security, Proceedings of the American Society for Engineering Education Annual Conference and Exhibition, ASEE 2005.
	13	SANS Institiute, New Report Identifies the Three Programming Errors Most Frequently Responsible For Critical Security Vulnerabilities and Security Incidents in 2006, 2007. http://www.sans-ssi.org/top_three.pdf
	14	Robert Seacord, Secure Coding in C and C++: Of Strings and Integers, IEEE Security and Privacy, v.4 n.1, p.74, January 2006 [doi>10.1109/MSP.2006.22]
	15	Blair Taylor , Shiva Azadegan, Threading secure coding principles and risk analysis into the undergraduate computer science and information systems curriculum, Proceedings of the 3rd annual conference on Information security curriculum development, September 22-23, 2006, Kennesaw, Georgia [doi>10.1145/1231047.1231053]
	16	Taylor, B. and Azadegan, S.,, 2007, Using Security Checklists and Scorecards in CS Curriculum, Proceedings of the National Colloquium for Information Systems Security Education, Boston, MA.
	17	Taylor, B. and Azadegan, S., 2007. Teaching Security through Active Learning, Frontiers in Education: Computer Science and Engineering, 2007, Los Vegas, NV.
	18	Rayford B. Vaughn, Jr., Application of security tot he computing science classroom, Proceedings of the thirty-first SIGCSE technical symposium on Computer science education, p.90-94, March 07-12, 2000, Austin, Texas, United States
	19	Viega, J. and McGraw, G. 2002. Building Secure Software, Addison-Wesley, Boston.
	20	White, G. and Nordstrom, G. 1996. Security across the curriculum: using computer security to teach computer science principles. Proc. 19th Nat'l Information Systems Security Conf., Baltimore, MD, 1996.
	21	Yasinac, A. and J.T. McDonald, J.T., Foundations for Security Awareness Curriculum, Proceedings of the 39th Hawaii International Conference in System Sciences, 2006.