Transcript The Role of Security in an Introductory Course

Information Security in an
Introductory Course
Introduction
Kathy Winters
University of Tennessee at Chattanooga
Department of Computer Science and
Engineering
Coordinator of Computer Literacy
Lecturer – Java, Information Security, Capstone
[email protected]
Introductory Course Definition
• Depends
• 2 or 4 year school
• Course of study
•
•
•
•
•
Web development
Information Technology
Information Management
Computer Science
Service Course
Questions To Be Answered
• What do we teach?
• When do we teach it?
• Who do we teach it to?
Routine / Traditional / Minimal
>
>
>
>
>
>
Passwords/ID
Malware
Theft of Computer
Spyware & Pop ups
Secure Connections
Spam
> Firewalls
> Service Pack
Updates
> Cookies
> Encryption
> Data Backups
> Phishing
What Do We Teach
Social Engineering
•
•
•
•
•
•
•
Shoulder surfing
Thumb drives
Technicians
Clean people
Students in the lab
Not closing our applications
Giving away our info
What Do We Teach
Social Networks
• Dangers of sharing information
• Future employers are using these to
screen applicants
• Posting pictures of our families with
identifying information
• Impersonation
What Do We Teach
Internet searches
• Know the source – Is it reliable
• Wikipedia
• Source for papers
• Source of code
• Does it contain a virus
• Copyright violations
• Music, games
Consolidation of Data
•
•
•
•
Search patterns
Google
Open docs
Data mining
Other General Topics
Sexting????
What Do We Teach
Web Design Classes
•
•
•
•
Cleaning input
Input size checking
Special character checking
SQL injection
What Do We Teach
Networking
•
•
•
•
Security issues
History and why
Basics of securing wireless transmissions
Encrypted transmission
What Do We Teach
Programming Classes
•
•
•
•
•
Buffer overflows
Secure coding
Defensive programming
Trap doors
Testing