{"title":"Evaluating the effectiveness of Microsoft threat modeling tool","authors":"Imano Williams, Xiaohong Yuan","doi":"10.1145/2885990.2885999","DOIUrl":"https://doi.org/10.1145/2885990.2885999","url":null,"abstract":"Today, it is widely accepted that software security best practices need to be integrated into all the stages of the software development life cycle (SDLC). This is because software applications are constantly being exposed to malicious attacks by hackers. One of the best practices for software security is threat modeling. It is essential for software security in the design stage of the SDLC and can help to reduce software design flaws significantly before the software application is implemented. The topics of threat modeling and the SDLC threat modeling tool were introduced to graduate students in a secure software engineering course. The effectiveness of Microsoft's Threat Modeling Tool was evaluated through a course assignment that included two parts: A) threat modeling using a manual process and B) threat modeling using Microsoft's 2014 threat modeling tool. This paper presents the results of the evaluation of the tool in assisting non-experts, students, in conducting an architectural risk analysis on a mock online shopping web application.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129227084","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Denial of service hands-on lab for information assurance education: a case study","authors":"Jianhua Yang, Yien Wang","doi":"10.1145/2885990.2885992","DOIUrl":"https://doi.org/10.1145/2885990.2885992","url":null,"abstract":"Conducting hands-on labs on information assurance education has become more and more important. Nowadays, hands-on labs are essential for computer security classes. To help with lowering the cost of hardware and software and have the availability to offer offensive hands-on labs for online learning, we propose three DoS attack lab exercises which are different from the traditional DoS labs in terms of cost and online availability. Three years of offering these specially designed DoS labs at Columbus State University shows that it can help students to reach their learning objectives and better assimilate the concepts covered in classes.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"112 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124524313","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Encryption and privacy in the business environment","authors":"Neil Light","doi":"10.1145/2885990.2886007","DOIUrl":"https://doi.org/10.1145/2885990.2886007","url":null,"abstract":"This paper briefly outlines forms of public key encryption. Also, common uses of encryption in the business environment are described. Finally, policy concerns regarding security and privacy are addressed.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133759923","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An investigation of privacy protocols in location-based service","authors":"Crystal Williams, H. Chi","doi":"10.1145/2885990.2886005","DOIUrl":"https://doi.org/10.1145/2885990.2886005","url":null,"abstract":"Location-based services greatly enrich our mobility experiences; they also come along with privacy concerns, as a location-based service provider can now continuously track the location of a user. Although many privacy protocols have been proposed to address the privacy issues, there has not been much comprehensive study and comparison of those protocols. In this paper, the investigation is on the privacy models for location-based services. The focus of these studies is on the security issues on location-based service. The recently proposed protocols identify location-based services and compare them with well-designed benchmarks. In addition, performance analyses for each individual protocol are discussed in this paper.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"499 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132235441","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A survey of university system of Georgia cyber security programs","authors":"Svetlana Peltsverger","doi":"10.1145/2885990.2886004","DOIUrl":"https://doi.org/10.1145/2885990.2886004","url":null,"abstract":"This paper presents the results of a survey of the University System of Georgia Universities that offer academic programs in the area of Computer Science, Computer Information Systems, Information Technology and Cyber Security. The objective of the study was to identify security related degrees and/or certificates and their areas of specialization/concentration.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123450541","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards an integrative learning approach in cybersecurity education","authors":"Sherly Abraham, Lifang Shih","doi":"10.1145/2885990.2886001","DOIUrl":"https://doi.org/10.1145/2885990.2886001","url":null,"abstract":"This paper describes a multifaceted approach to cybersecurity education based on integrative learning theory. We emphasize the need to focus on curriculum, experiential learning techniques, assessment and fostering a community of practice. The need to build conceptual, tactical and practical skills among cybersecurity professionals is highlighted. The paper will include examples of how integrative learning methods can be implemented in cybersecurity education through a number of methods such as curriculum, virtual labs, simulations, cyber student clubs and participation in cyber security competitions.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"2021 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131468367","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Litigation support: complying with the law when handling electronic information during legal proceedings","authors":"Pedro Laboy","doi":"10.1145/2885990.2886002","DOIUrl":"https://doi.org/10.1145/2885990.2886002","url":null,"abstract":"This paper examines the Litigation Support industry and its involvement with compliance with federal, and sometimes international, regulations. The focus of the research is information, in particular, electronically stored information. During legal proceedings in which electronic information can be used as evidence, there is an established set of rules and procedures that exists. This document first introduces the litigation support industry and all the various support structures that exist within it which an organization can use. It then outlines the formal laws that were implemented in relation to information. Finally, it describes how these laws affect the organization in their efforts to remain compliant throughout the entire legal process.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125858022","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Data security: data breaches","authors":"Deborah L. Cooper","doi":"10.1145/2885990.2886003","DOIUrl":"https://doi.org/10.1145/2885990.2886003","url":null,"abstract":"This paper focuses on recent data breaches of two differing entities, Target (2013) and the U.S. Office of Personnel Management (2015). The number of accounts and people, as well as the personally identifiable financial information (PIFI) and personally identifiable information (PII), affected are discussed. Additionally, the lessons learned from each incident and the proposed or updated security measures implemented will be addressed.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123668927","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}