ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Teaching database security and auditing
Full text PdfPdf (438 KB)
Source
Technical Symposium on Computer Science Education archive
Proceedings of the 40th ACM technical symposium on Computer science education table of contents
Chattanooga, TN, USA
SESSION: Secure systems table of contents
Pages 241-245  
Year of Publication: 2009
ISBN:978-1-60558-183-5
Also published in ...
Author
Li Yang  University of Tennessee at Chattanooga, Chattanooga, TN, USA
Sponsors
SIGCSE: ACM Special Interest Group on Computer Science Education
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): n/a,   Downloads (12 Months): n/a,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1508865.1508954
What is a DOI?

ABSTRACT

Hands-on laboratory experiences are essential critical for students to understand concepts and gain real-world insights in database security and auditing. We are developing a set of hands-on labs to integrate theories of database security into practices. Our designed labs do not require purchasing any commercial software or pre-configuration. Each lab includes objectives, results, and resources to help students to understand database security concepts including access control, virtual private database, and database auditing etc. We use two major database products (Microsoft SQL Server and Oracle 10g) to design and implement our labs.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Mario Guimaraes, New challenges in teaching database security, Proceedings of the 3rd annual conference on Information security curriculum development, September 22-23, 2006, Kennesaw, Georgia  [doi>10.1145/1231047.1231060]
2
Mario Guimaraes , Meg Murray, Using animation courseware in the teaching of database security, Proceedings of the 8th ACM SIGITE conference on Information technology education, October 18-20, 2007, Destin, Florida, USA  [doi>10.1145/1324302.1324356]
 
3
Sam Afyouni, Database Security and Auditing: Protecting Data Integrity and Accessibility, Course Technology Press, Boston, MA, 2005
 
4
Marshall D. Abrams , Sushil G. Jajodia , H. J. Podell, Information Security: An Integrated Collection of Essays, IEEE Computer Society Press, Los Alamitos, CA, 1995
 
5
Ron Ben-Natan. Implementing Database Security and Auditing, Elsevier Digital Press, 2005.
 
6
Oracle by Example Series: Oracle Database 10g Tutorial: http://www.oracle.com/technology/obe/10gr2_db_single/index.htm
 
7
Paul Litwin. Data Security: Stop SQL Injection Attacks Before They Stop You. MSDN. Magazine, 19(9). http://msdn.microsoft.com/en-us/magazine/cc163917.aspx
 
8
Rajshekhar Sunderraman, Oracle 10g Programming: A Primer, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 2007
 
9
RUTHERFOR, F. J., Hands-on: A means to an end. 2061 Today 3(5), 1993.
 
10
Haury, D. L., and P. Rillero. Perspectives of Hands-On Science Teaching. ERIC Clearinghouse for Science, Mathematics, and Environmental Education, Columbus, OH, 1994.
 
11
Rakesh Agrawal , Jerry Kiernan , Ramakrishnan Srikant , Yirong Xu, Hippocratic databases, Proceedings of the 28th international conference on Very Large Data Bases, p.143-154, August 20-23, 2002, Hong Kong, China
 
12
Latanya Sweeney, k-anonymity: a model for protecting privacy, International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, v.10 n.5, p.557-570, October 2002  [doi>10.1142/S0218488502001648]
 
13
P. Samarati, Protecting Respondents' Identities in Microdata Release, IEEE Transactions on Knowledge and Data Engineering, v.13 n.6, p.1010-1027, November 2001  [doi>10.1109/69.971193]
14
Hakan Hacigümüş , Bala Iyer , Chen Li , Sharad Mehrotra, Executing SQL over encrypted data in the database-service-provider model, Proceedings of the 2002 ACM SIGMOD international conference on Management of data, June 03-06, 2002, Madison, Wisconsin  [doi>10.1145/564691.564717]
 
15
Hacigumus, Hakan, Bala Iyer, Sharad Mehrotra. Efficient Execution of Aggregation Queries over Encrypted Relational Databases. Database Systems for Advanced Applications (DASFAA). 2004. Lecture Notes in Computer Science (LNCS) 2973, pp. 125--136. Springer-Verlag. 2004.
 
16
Hui Wang , Laks V. S. Lakshmanan, Efficient secure query evaluation over encrypted XML databases, Proceedings of the 32nd international conference on Very large data bases, September 12-15, 2006, Seoul, Korea

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.3 COMPUTERS AND EDUCATION
      K.3.2 Computer and Information Science Education
          Subjects: Computer science education

Additional Classification:
  H. Information Systems
  H.2 DATABASE MANAGEMENT
      H.2.7 Database Administration
          Subjects: Security, integrity, and protection

  K. Computing Milieux
  K.3 COMPUTERS AND EDUCATION
      K.3.2 Computer and Information Science Education
          Subjects: Curriculum


General Terms:
Human Factors, Management, Security


Keywords:
auditing, curriculum, database security

Collaborative Colleagues:
Li Yang: colleagues
This Article has also been published in:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player