An integrated security curriculum model for undergraduate computer science and information systems majors

Author/Creator

Author/Creator ORCID

Date

2013-05-31

Department

Towson University. Department of Computer and Information Sciences

Program

Citation of Original Publication

Rights

Copyright protected, all rights reserved.
There are no restrictions on access to this document. An internet release form signed by the author to display this document online is on file with Towson University Special Collections and Archives.

Abstract

Security education, especially for undergraduates, has been identified as important to changing problematic security practices. However, current security efforts in education are primarily in the form of tracks or specialized courses, which only reach a subset of students and occur after students have established a foundation of coding techniques. This project aimed to develop, implement, and evaluate an integrated security curriculum model for students in the Computer and Information Sciences department at Towson University. Security modules were developed and subsequently delivered during spring 2007 and fall 2007 across selected sections of the core courses: CS0, CS1, and CS2. The modules were laboratory-based to allow seamless adoption and integration and included the innovative use of checklists to promote active learning and encourage critical thinking. A two group control group experimental design was employed using pretests and posttests for evaluation. A significant improvement in security knowledge was demonstrated (p = .005) indicating that security lab modules are an effective way to teach secure coding and design principles to more students, earlier in their studies, with minimal impact on existing curricula. Towson University, as a designated National Center of Academic Excellence in Information Security and Assurance Education, is the ideal platform to pioneer a "security across the curriculum" approach. The integrated security curriculum presented in this research complements our undergraduate security track for computer science majors and serves as a model for future integration.