Announcements
Center for Information Protection
UC Davis is planning to join the NSF I/UCRC
Center for Information Protection. We are looking
for companies to join our Industrial Advisory
Board.
Find out more here!
Conferences and Workshops
- ISGIG 2009
- ACSAC 25
- PETRA 2010 (due 11/15)
- Oakland 2010 (due 11/18)
My Links
- My Home Page
- Books
- Classes
- Papers
- Reports and Notes
- Research
- Security in Programming
- Service
- Students
- Talks
- Miscellaneous
- My Family
- About Me (CV and such)
Other Links
- MyUCDavis
- Computer Security Lab
- Dept. of Computer Science
- College of Engineering
- University of California, Davis
- City of Davis
- County of Yolo
- State of California
- United States of America
Back to School
Citation
- D. Frincke and M. Bishop, “Guarding the Castle Keep: Teaching with the Fortress Metaphor,” IEEE Security & Privacy Magazine 2(3) pp. 69–72 (May 2004).
Column
Abstract
The computer security field is replete with metaphors—the original and most commonly used metaphor is the computer (or network) as a fortress, the walls of which must be guarded against potential breaches. This metaphor is useful, but like all metaphors, it is not precise. Understanding the differences, between the metaphor of a fortress and the realities of securing a system is crucial to students understanding the subtleties of computer security. We discuss the fortress metaphor as a pedagogical tool, both how it succeeds and how it fails to aid student understanding.Copyright Notice
©2004 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author’s copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
The definitive version was published in IEEE Security & Privacy Magazine 2(3), May 2004.
