A. Suggested Schedule:
The following sample module plan is based on the offering
of one to three hours of lectures.
1. Information as a corporate resource 0.2 to 0.5 hours
2. Basic Security Problems 0.5 to 1.0 hour
3. Ethical Issues 0.3 to 1.0 hour
4. Major Areas of Information Systems Study 0.5 to 1.0 hour
B. Class
and Homework Exercises:
Following are examples of possible class/paper exercises
that might enhance the lecture material for the module.:
-
Find/report
on current data security and computer crime problems. Use current journals
and newspapers. What comes closest to your community; to you?
-
Choose one ethical issue. Discuss it from the standpoint of
an organization,
an individual, and
the government.
Schou, C.D., Fites, P.E., & Burgess, J.D., “Corporate
Security Management,” in Information Security Modules, Department of Defense,
1989.
Consider this the capstone security module in this
document. Emphasis is on the management of a corporate level data security
program.
Denning, D.E., Cryptography and Data Security,
Addison-Wesley, 1983.
Presently this is one of the principal textbooks in
computer security. Good as a background reference.
Walston, C.E., “Communications Security,” in Information
Security Modules, Department of Defense, 1989.
Whiteside, T., Computer Capers, Mentor, 1978.
The problem of data security to our attention through
many vignettes of some early “tales of electronic thievery, embezzlement,
and fraud.” Whiteside’s stories can be used with reports of current
problems, for example from The Wall Street Journal or Fortune
magazine.
Johnson, Douglas W., Computer Ethics: A Guide for the New Age,
The Brethren Press, 1984.
This low-cost, readable paperback book introduces
critical issues, including: personal data, decision-making and identifying,
building and maintaining ethics in a computer society. This book addresses the
question of ethics in the indiscriminate use of the personal computer. The
concept of what ethics are is proposed and suggestions are made for
establishing a code for personal computer use.
Computer Professionals for Social Responsibility, Inc., P.O. Box
717, Palo Alto, CA 94301, 415/322-3778.
CPSR is an organization for computer professionals
concerned about social issues. There are active chapters around the world.
They produce a newsletter.
Mandell, Steven L., Computer Data Processing, and the Law,
West Publishing Company, Minnesota, 1984.
This book has been designed especially for the
functional aspects of data processing management.
Davis, G. G., Software Protection, Practical and Legal Steps to
Protect and Market Computer Programs, Van Nostrand Reinhold, New York, 1985.
An academic discussion of intellectual property rights,
copyright, unresolved problems with copyright, software warranties, export
controls, and infringement remedies.
Burgess, J.D. & Watts, R.T., “PC/Workstation Security,” in Information
Security Modules, Department of Defense, 1989.
This module gives an introduction to security problems
that one may have when working with a stand-alone PC or workstation
(networked PCs or workstations are NOT considered here). This material is
useful, for a one-person business as well as individual user who is part of a
larger organization.
Richards, T., Schou, C.D. & Fites, P.E. “Information Systems
Security Laws and Legislation,” in Information Security Modules,
Department of Defense, 1989.
Richards, et. al. review topics, timely laws and
legislation about computer security as it relates to the individual and the
organization.
Spiro, Bruce E. & Schou, Corey D., “System Security,” in Information
Security Modules, Department of Defense, 1988.
“Systems Security” is an upper level module that gives a detailed review
of security issues and the integration of these details into an organizational
security program.