2007-87 - CERIAS Tech Report 2007-87 A Framework for...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
CERIAS Tech Report 2007-87 A Framework for Information Security Ethics Education by Melissa Dark, Rich Epstein, Linda Morales, Terry Countermine, Qing Yuan, Matt Rose and Nathan Harter Center for Education and Research Information Assurance and Security Purdue University, West Lafayette, IN 47907-2086
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Proceedings of the 10 th Colloquium for Information Systems Security Education University of Maryland, University College Adelphi, MD June 5-8, 2006 ISBN 555555555/$15.00 2006 CISSE A Framework for Information Security Ethics Education Melissa Dark, Purdue University , Richard Epstein, West Chester University, Linda Morales, Terry Countermine, East Tennessee State University, Qing Yuan, East Tennessee State University, Muhammed Ali, Tuskegee University, Matt Rose, Purdue University, Nathan Harter, Purdue University Center for Research and Education in Information Assurance and Security, Purdue University, West Lafayette, IN 47907. [email protected] Abstract - This paper proposes a framework for teaching information security ethics at colleges and universities. The framework requires that students examine information security ethics from four dimensions: the ethical dimension, the security dimension, the solutions dimension and the personal moral development dimension. The intent is to use the framework to develop and/or select pedagogical resource materials for information security ethics education. Index terms - Management, Security Legal Aspects, Curriculum Issues, Pedagogy, Ethical/societal Issues. 1. INTRODUCTION The Internet has an enormous impact on society. The benefits are numerous and so is the potential for misuse and abuse. Hacking, spam, denial of service attacks, identity theft, digital rights infringement, and other abuses are now commonplace. Malice and criminal intent motivate some of these attacks, yet for others the motivation is not so clear. An attacker may feel a need to prove a particular cleverness or technological skill. An attacker may view a particular vulnerability as a challenge that can‟t be resisted. An attacker may desire revenge against a corporation or private individual, or may view the downloading and sharing of copyrighted software, movies and music to be a personal “right”. An attacker may be motivated by a dare from fellow hackers. Other motivations undoubtedly exist. The ubiquity and openness of the Internet require self- governance; however, we see that the ethical maturity of Internet users is often put to the test. Instructors struggle to provide learning experiences that nurture ethical maturity. The Association for Computing Machinery (ACM) and the Institute of Electrical and Electronic Engineers (IEEE) have recognized the need to integrate ethics into computer science and information technology curricula [1,2,3] and have developed codes of ethics for computing and engineering professionals [3,4,5]. The National Science Foundation provides funding to improve ethics education
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 12/13/2011 for the course CSCE 201 taught by Professor Staff during the Fall '10 term at South Carolina.

Page1 / 8

2007-87 - CERIAS Tech Report 2007-87 A Framework for...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online