Announcements
My Links
- My Home Page
- Books
- Classes
- Papers
- Reports and Notes
- Research
- Security in Programming
- Service
- Students
- Talks
- Miscellaneous
- My Family
- About Me (CV and such)
Other Links
- MyUCDavis
- Computer Security Lab
- Dept. of Computer Science
- College of Engineering
- University of California, Davis
- City of Davis
- County of Yolo
- State of California
- United States of America
Computer Security in Introductory Programming Classes
Citation
- M. Bishop, “Teaching Computer Security,” Proceedings of the Workshop on Education in Computer Security pp. 78–82 (Jan. 1997).
Paper
Abstract
The scope of computer security is as broad as the field of computer science; however, its most immediate impact to the average user is in the faulty, non-secure software, hardware, and systems that are deployed. The majority of these are designed, implemented and built, and fielded by people with much experience in their disciplines, but little in computer security. The basis of this position paper is the belief that to improve computer security education, we must increase the average computer programmer’s understanding of the issues of computer security.
Like many facets of the field of computer science, computer security rests on a firm understanding of the basics of computer programming, such as design, implementation, testing, and deployment. In that sense, a student’s first and second classes in programming are the beginnings of computer security education. This position paper argues that a major thrust of any initiative to improve the state of computer security education must begin with an analysis of teaching the basics of good design and programming.
Notice
The version posted here is a manuscript version. The definitive version was published in the Proceedings of the Workshop on Education in Computer Security, Jan. 1997.
