INTEGRATING SECURITY INTO THE CURRICULUM

An educational system that cultivates an appropriate knowledge of comp uter security will increase the likelihood that the next generation of IT workers will have the background needed to design and develop syst ems that are engineered to be reliable and secure. The technical aspec ts of security are closely related to computer science and engineering . And many of the goals, concepts, and reasoning techniques are simila r too. Thus, two approaches are possible: Computer security could be t he focus of the curriculum, which would investigate the foundations an d technical approaches to security in considerable depth. A computer s cience or computer engineering curriculum could choose to use computer security as an important property to be addressed in all coursework. The authors argue that it is not reasonable to suggest that every stud ent should learn everything about security. Instead, they propose an a pproach that matches appropriate knowledge and skills with typical rol es in the information society. In this way, security insights can be i ntegrated within the existing information systems programs, rather tha n be treated separately. This article, therefore, proposes a set of hi gh-level educational objectives as the basis of a security-enhanced cu rriculum.