Security and computer forensics in web engineering education

The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security should be an integral part of a Web Engineering curriculum. One aspect of Computer forensics investigates failures in security. Hence, students should be aware of the issues in forensics and how to respond when security failures occur; collecting evidence is particularly difficult for Web-based applications

The Need to Address Mobile Device Security in the Higher Education IT Curriculum

Mobile devices, including smartphones and tablets, enable users to access corporate data from anywhere. In 2013, people will purchase 1.2 billion mobile devices, surpassing personal computers as the most common method for accessing the Internet. However, security of these mobile devices is a major concern for organizations. The two leading mobile operating systems (OS), Google’s Android OS and Apple’s iOS, both have security concerns as do the mobile applications and the major application markets. ‘Bring your own devices,’ where employees supply their own equipment for work-related purposes, can cut costs for organizations, but failing to address security can significantly increase those costs. This paper focuses on the increasing need for mobile business and its related mobile device security concerns. We propose that future IT professionals should be aware of these issues and learn how to secure mobile devices through the integration of the topic into the IT Model Curriculum. Using the case of one undergraduate IT program, we developed a set of mobile device security education recommendations, which we then mapped to the IT Model Curriculum using the guidelines from Accreditation Board for Engineering and Technology (ABET). This mapping approach demonstrates one way how higher education institutions could integrate mobile device security into any IT curriculum

Multinational perspectives on information technology from academia and industry

As the term \u27information technology\u27 has many meanings for various stakeholders and continues to evolve, this work presents a comprehensive approach for developing curriculum guidelines for rigorous, high quality, bachelor\u27s degree programs in information technology (IT) to prepare successful graduates for a future global technological society. The aim is to address three research questions in the context of IT concerning (1) the educational frameworks relevant for academics and students of IT, (2) the pathways into IT programs, and (3) graduates\u27 preparation for meeting future technologies. The analysis of current trends comes from survey data of IT faculty members and professional IT industry leaders. With these analyses, the IT Model Curricula of CC2005, IT2008, IT2017, extensive literature review, and the multinational insights of the authors into the status of IT, this paper presents a comprehensive overview and discussion of future directions of global IT education toward 2025

A Hands-On Approach to Computing Security Education: Metasploit Module Development

As the demand for skilled computer security professionals continues to increase, curricula at colleges and universities must continually evolve to meet current industry needs. Incorporating Metasploit module development into these curricula increases the value of the education received by the graduate and makes them a more attractive candidate to potential employers. The flexibility of the Metasploit framework, especially for targeting mobile device platforms, proves to be a valuable tool in evaluating the security of many different devices. This paper discusses the importance of incorporating Metasploit module development into computing security curricula to better prepare graduates for the constantly changing environment they will encounter. Hands-on lab outline, module development experiences, and related work are also discussed in the paper

Wanted: Trained Security Specialists\u27

This paper looks at security concerns within the IT industry and how to increase student interest in this field of study. One specific activity is presented as a way to expose students to security concerns they are likely to encounter as a system administrator

Using Bloom\u27s and Webb\u27s Taxonomies to Integrate Emerging Cybersecurity Topics into a Computic Curriculum

Recent high profile hackings have cost companies millions of dollars resulting in an increasing priority to protect government and business data. Universities are under increased pressure to produce graduates with better security knowledge and skills, particularly emerging cybersecurity skills. Although accredited undergraduate computing programs recognize the need to solve this problem, these computing programs are constrained by accreditation standards and have limited ability to modify their curricula. This paper discusses a case study on how one Accreditation Board for Engineering and Technology (ABET) accredited undergraduate IT program created a strategy to continue to teach existing security-related topics as well as emerging cybersecurity topics within its IT curriculum without increasing credit requirements. The faculty developed an IT Security-related and Cybersecurity Curriculum Taxonomy to identify strategies to move security-related topics taught in the higher level courses to lower and intermediate courses. Thus emerging cybersecurity topics could be added to high-level courses. The faculty also created the IT Student Learning (Security-related) Taxonomy by combining Bloom’s Taxonomy’s six levels of thinking with Webb’s Depth of Knowledge Model. This student learning taxonomy enabled the faculty to review the student learning outcomes for each of the existing security-related core topics and develop new ones for the emerging cybersecurity topics. Challenges, benefits, and application of this strategy to other disciplines are discussed

TLAD 2011 Proceedings:9th international workshop on teaching, learning and assesment of databases (TLAD)

This is the ninth in the series of highly successful international workshops on the Teaching, Learning and Assessment of Databases (TLAD 2011), which once again is held as a workshop of BNCOD 2011 - the 28th British National Conference on Databases. TLAD 2011 is held on the 11th July at Manchester University, just before BNCOD, and hopes to be just as successful as its predecessors.The teaching of databases is central to all Computing Science, Software Engineering, Information Systems and Information Technology courses, and this year, the workshop aims to continue the tradition of bringing together both database teachers and researchers, in order to share good learning, teaching and assessment practice and experience, and further the growing community amongst database academics. As well as attracting academics from the UK community, the workshop has also been successful in attracting academics from the wider international community, through serving on the programme committee, and attending and presenting papers.Due to the healthy number of high quality submissions this year, the workshop will present eight peer reviewed papers. Of these, six will be presented as full papers and two as short papers. These papers cover a number of themes, including: the teaching of data mining and data warehousing, databases and the cloud, and novel uses of technology in teaching and assessment. It is expected that these papers will stimulate discussion at the workshop itself and beyond. This year, the focus on providing a forum for discussion is enhanced through a panel discussion on assessment in database modules, with David Nelson (of the University of Sunderland), Al Monger (of Southampton Solent University) and Charles Boisvert (of Sheffield Hallam University) as the expert panel

TLAD 2011 Proceedings:9th international workshop on teaching, learning and assesment of databases (TLAD)

This is the ninth in the series of highly successful international workshops on the Teaching, Learning and Assessment of Databases (TLAD 2011), which once again is held as a workshop of BNCOD 2011 - the 28th British National Conference on Databases. TLAD 2011 is held on the 11th July at Manchester University, just before BNCOD, and hopes to be just as successful as its predecessors.The teaching of databases is central to all Computing Science, Software Engineering, Information Systems and Information Technology courses, and this year, the workshop aims to continue the tradition of bringing together both database teachers and researchers, in order to share good learning, teaching and assessment practice and experience, and further the growing community amongst database academics. As well as attracting academics from the UK community, the workshop has also been successful in attracting academics from the wider international community, through serving on the programme committee, and attending and presenting papers.Due to the healthy number of high quality submissions this year, the workshop will present eight peer reviewed papers. Of these, six will be presented as full papers and two as short papers. These papers cover a number of themes, including: the teaching of data mining and data warehousing, databases and the cloud, and novel uses of technology in teaching and assessment. It is expected that these papers will stimulate discussion at the workshop itself and beyond. This year, the focus on providing a forum for discussion is enhanced through a panel discussion on assessment in database modules, with David Nelson (of the University of Sunderland), Al Monger (of Southampton Solent University) and Charles Boisvert (of Sheffield Hallam University) as the expert panel