Abstract
Contemporary presentations of Information Assurance & Security (IAS) are far broader than older notions of "computer security," "network security," "OS security," and the like. The field has become so broad that it is only a slight exaggeration to state that it is difficult to find a sub-discipline of CS to which IAS is not relevant. This broadening of scope leads to many challenges as to how to structure such a course so that it does not appear intimidating in scope or merely a potpourri of marginally related topics. A means of structuring a course to avoid these pitfalls is presented here.
- Bishop, M., Introduction to Computer Security, Addison-Wesley (Boston), 2004. Google ScholarDigital Library
- Carroll, J. M., Computer Security(3rd), Butterworth-Heinemann (Burlington, MA), 2007.Google Scholar
- Dark, M. J., Ekstrom, J. J., Lunt, B. M., "Integration of information assurance and security into the IT2005 model curriculum," Conference On Information Technology Education, Proceedings of the 6th Conference on Information Technology Education, Newark, NJ, ACM Press (New York), 2005, 7--14. Google ScholarDigital Library
- Easttom, C., Computer Security Fundamentals, Prentice Hall Security Series (Upper Saddle River, NJ), 2005. Google ScholarDigital Library
- Gollmann, D., Computer Security, Wiley (Hoboken, NJ), 2006. Google ScholarDigital Library
- Jensen, B. K., Cline, B., Guynes, C. S., "Teaching the undergraduate CS information security course," SIGCSE Bulletin, Vol. 38, No. 2, ACM (New York), June 2006, 61--63. Google ScholarDigital Library
- JERIC, "A 2007 model curriculum for a liberal arts degree in computer science," Journal on Educational Resources in Computing (JERIC), Vol. 7, No. 2 (June 2007), ACM Press (New York), Article 2. Google ScholarDigital Library
- McCumber, J., Assessing and Managing Security Risk in IT Systems: A Structured Methodology, Auerbach/CRC Press (Boca Raton, FL), 2005. Google ScholarDigital Library
- Myers, J. P. Jr. & Riela, S., "Embracing the diversity of information security," in preparation.Google Scholar
- National Security Telecommunications and Information Systems Security Comm., "National Training Standard for Information Systems Security (INFOSEC) Professionals," NSTISSI No. 4011, National Security Agency, Fort George G. Meade, MD (June 20, 1994).Google Scholar
- Pfleeger, C. P. & Pfleeger, S. L., Security in Computing (4th ed.), Prentice Hall (Upper Saddle River, NJ), 2007. Google ScholarDigital Library
- Pieprzyk, J., Hardjono, T., & Seberry, J., Fundamentals of Computer Security, Springer (New York), 2003. Google ScholarDigital Library
- Riela, S., "Information Assurance: Concept Curriculum," unpubl. report, Dec. 2005.Google Scholar
- Salomon, D., Foundations of Computer Security, Springer (New York), 2005. Google ScholarDigital Library
- SIGITE (ACM Special Interest Group on Information Technology Education), "Computing Curricula: Information Technology Volume" (Draft), April 2005, http://www.sigite.org/content/activities/curriculum/downloads/IT%20Volume-April%202005.pdfGoogle Scholar
- Solomon, M. G. & Chapple, M., Information Security Illuminated, Jones & Bartlett (Sudbury, MA), 2005. Google ScholarDigital Library
- Spinello, R. A., CyberEthics -- Morality and Law in Cyberspace (3rd ed.), Jones & Bartlett (Sudbury, MA), 2006. Google ScholarDigital Library
- Tucker, A. B. (ed.), "Computing Curricula 1991," Communications of the ACM, Vol. 34, No. 6 (June 1991), ACM (New York), 68--84. Google ScholarDigital Library
Index Terms
- Taming the diversity of information assurance & security
Recommendations
Quantitative security assurance metrics: REST API case studies
ECSA '18: Proceedings of the 12th European Conference on Software Architecture: Companion ProceedingsSecurity assurance is the confidence that a system meets its security requirements based on specific evidences that an assurance technique provide. The notion of measuring security is complex and tricky. Existing approaches either (1) consider one ...
System security assurance: A systematic literature review
AbstractSystem security assurance provides the confidence that security features, practices, procedures, and architecture of software systems mediate and enforce the security policy and are resilient against security failure and attacks. ...
Highlights- Systematic literature review of security assurance of the ICT and CPSs.
- Study ...
Comments