Foundations for Security Aware Software Development Education

	This Article
	PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Alec Yasinsac Articles by J. Todd McDonald

Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06) Track 9

Foundations for Security Aware Software Development Education (PDF)

Kauai, Hawaii

January 04-January 07

ISBN: 0-7695-2507-5

	ASCII Text	x
	Alec Yasinsac, J. Todd McDonald, "Foundations for Security Aware Software Development Education," Hawaii International Conference on System Sciences, vol. 9, pp. 219c, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06) Track 9, 2006.

	BibTex	x
	@article{ 10.1109/HICSS.2006.187, author = {Alec Yasinsac and J. Todd McDonald}, title = {Foundations for Security Aware Software Development Education}, journal ={Hawaii International Conference on System Sciences}, volume = {9}, year = {2006}, issn = {1530-1605}, pages = {219c}, doi = {http://doi.ieeecomputersociety.org/10.1109/HICSS.2006.187}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Hawaii International Conference on System Sciences TI - Foundations for Security Aware Software Development Education SN - 1530-1605 SP EP A1 - Alec Yasinsac, A1 - J. Todd McDonald, PY - 2006 KW - null VL - 9 JA - Hawaii International Conference on System Sciences ER -

Alec Yasinsac, Florida State University

J. Todd McDonald, Florida State University

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HICSS.2006.187

Most instances of software exploitation are really software failure. Even though we cannot eliminate vulnerability from modern information systems, we can reduce exploitable code long term with sound, robust development practices. We argue that the current hot topic of so-called "secure coding" represents commonly taught coding techniques that ensure robustness, rather than ensuring any commonly understood concept of security. Weaving the practice of rigorous coding techniques into curriculum is essential — coding for security is useless apart from fault-tolerant foundations. However, security-specific coding techniques need to be integrated pedagogically alongside robustness so that students can differentiate the two. We propose in this paper a shift in instructional methods based on this distinction to help future programmers, developers, and software engineers produce "security-aware" software.

Citation:

Alec Yasinsac, J. Todd McDonald, "Foundations for Security Aware Software Development Education," hicss, vol. 9, pp.219c, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06) Track 9, 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.