
14th Colloquium for Information Systems Security Education, Baltimore Marriott Inner Harbor, Baltimore, Maryland, June 7 - 9, 2010
The 2010 CISSE proceedings was produced for the Colloquium for Information Systems Security Education by The Printing House, Inc. Abstracting is permitted with credit to the source. Libraries are permitted to photocopy beyond the limit of U.S. copyright law for private use of patrons those articles in this volume that carry a code at the bottom of the first page. All rights reserved. Copyright ©2010 by the Colloquium for Information Systems Security Education.
Abstract – Interdisciplinary collaborations are transforming the way we learn and the way we teach. This article is about expanding the congruent and often overlapping domains of Information Assurance and the Law. While IA curricula pay some heed to the effect of legal matters on security procedure and outcome, the curriculum has been heavily focused on computer science and management information systems. Through greater co-operation we feel that IA curricula may gain tremendous enrichment and increased understanding, not only of the Law, but of issues central to IA.
Abstract – Many universities and community colleges with an Information Assurance major or concentration include a course or modules of a course covering the topics of law, ethics, and the effect of information assurance solutions on laws and ethics. In this paper, we discuss how we have applied an active learning approach to our course, “Legal Impacts of Computer Security Solutions” for both undergraduates and graduate students using the traditional classroom as well as an online learning environment.
Abstract – Web application security has been an emerging topic while an increasing number of commercial applications are web-based. We are developing a new secure web development teaching tool, called SWEET (Secure WEb dEvelopment Teaching), to teach the students about web application security based on the life cycle of the application development. This paper describes the development of SWEET and provides an example of laboratory exercises on secure web communications. Experiences of incorporating SWEET in Information Assurance courses are also discussed.
Abstract – To address a perceived lack of availability of educational resources for students and teachers in the field of information security, and advance the quality of information security education in general, our institutions have begun development of a web portal to house information security-related educational materials, research and virtual exercises, as well as provide links to other resources. This portal is termed the PRISM, Public Repository for Information Security Materials. This paper details the initial vision for the PRISM repository, outlines user interface, technical, and personnel requirements, and discusses some of the more interesting aspects of implementation including access control provisioning, and protocols for content submission, review and classification. Current status of the project is also presented, followed by a brief overview of near-term future plans.
Abstract – The focus of this paper is to discuss observations and common issues that exist with respect to information assurance in rural and urban environments. Due to an often limited prior exposure to computer technology before starting college, students in rural and urban areas begin their studies with an experience deficit that provides an easy attack vector for identity thieves to exploit. In addition to potentially significant personal harm to the individual, losses that result have a negative impact on society. We propose an interdisciplinary approach to address the problem that incorporates the use of case studies to promote discussion and awareness in at-risk student populations.
Abstract – This paper describes a project to use a virtual team approach to add information security topics to two graduate courses where these topics are not the primary focus, using student teams from those two courses working with students enrolled in an information security management course. Students worked on development of an implementation plan involving security issues for a fictitious business case. Results indicated increased security awareness of students in all three courses by the end of the semester, based on pre-test and post-test results.
Abstract – The Computer Science Department at Boston University Metropolitan College offers a sequence of two graduate courses on cryptography. Being mathematical in nature, they lay down a solid foundation of knowledge that can be utilized in semester projects. Two projects are designed which tie together the concepts from both courses to implement real world scenarios in public key infrastructure and web of trust modeling. Several cryptographically secure algorithms are required to be implemented by students to successfully complete these projects.
Abstract – The TCP three-way handshake can be used as a pedagogical tool when teaching network security in an introductory course in information security. I use it as a common theme that runs through various network security topics so that it is easier for students to grasp new concepts while reinforcing old knowledge. This paper describes the rationale for so doing and shares examples of some learning tools I created in this respect.
Abstract – This paper discusses how news stories are integrated into an introductory course on Computer Security and Ethics. The main emphasis in this paper is on two assignments that relate to computer security in the news. Special attention is paid to the second of these two assignments. This requires that students create a blog containing links to security news stories along with commentaries on those news stories. This blog is maintained through the entire semester. All of the students who chose to do this assignment during the fall 2009 semester have expressed enthusiasm for this project.
Abstract – Generally discussions of digital signatures, cryptography and computer security focus on the complicated technical details behind the systems. Students are often led to the false conclusion that such systems are truly secure. We describe a very simple Trojan horse attack on a Department of Defense digital signature system, and how its demonstration in the classroom led to an improved understanding of weaker links in the security trust chain, and a healthy skepticism of security claims.