Teaching Considerations

A. Suggested Schedule:

The following sample module plan is based on the offering of one to three hours of lectures.

1. Information as a corporate resource 0.2 to 0.5 hours

2. Basic Security Problems 0.5 to 1.0 hour

3. Ethical Issues 0.3 to 1.0 hour

4. Major Areas of Information Systems Study 0.5 to 1.0 hour

B. Class and Homework Exercises:

Following are examples of possible class/paper exercises that might enhance the lecture material for the module.:

  • Find/report on current data security and computer crime problems. Use current journals and newspapers. What comes closest to your community; to you?

  • Choose one ethical issue. Discuss it from the standpoint of

an organization,

an individual, and

the government.

  • List six major areas of information security study and for each one, give threereasons why it is important.


Schou, C.D., Fites, P.E., & Burgess, J.D., “Corporate Security Management,” in Information Security Modules, Department of Defense, 1989.

Consider this the capstone security module in this document. Emphasis is on the management of a corporate level data security program.

Denning, D.E., Cryptography and Data Security, Addison-Wesley, 1983.

Presently this is one of the principal textbooks in computer security. Good as a background reference.

Walston, C.E., “Communications Security,” in Information Security Modules, Department of Defense, 1989.

Whiteside, T., Computer Capers, Mentor, 1978.

The problem of data security to our attention through many vignettes of some early “tales of electronic thievery, embez­zlement, and fraud.” Whiteside’s stories can be used with reports of current problems, for example from The Wall Street Journal or Fortune magazine.

Johnson, Douglas W., Computer Ethics: A Guide for the New Age, The Brethren Press, 1984.

This low-cost, readable paperback book introduces critical issues, including: personal data, decision-making and identi­fy­ing, building and maintaining ethics in a computer society. This book addresses the question of ethics in the indiscrimi­nate use of the personal computer. The concept of what ethics are is proposed and suggestions are made for establishing a code for personal computer use.

Computer Professionals for Social Responsibility, Inc., P.O. Box 717, Palo Alto, CA 94301, 415/322-3778.

CPSR is an organization for computer professionals concerned about social issues. There are active chapters around the world. They produce a newsletter.

Mandell, Steven L., Computer Data Processing, and the Law, West Publishing Company, Minnesota, 1984.

This book has been designed especially for the functional aspects of data processing management.

Davis, G. G., Software Protection, Practical and Legal Steps to Protect and Market Computer Programs, Van Nostrand Reinhold, New York, 1985.

An academic discussion of intellectual property rights, copyright, unresolved problems with copyright, software war­ranties, export controls, and infringement remedies.

Burgess, J.D. & Watts, R.T., “PC/Workstation Security,” in Information Security Modules, Department of Defense, 1989.

This module gives an introduction to security problems that one may have when working with a stand-alone PC or work­station (networked PCs or workstations are NOT considered here). This material is useful, for a one-person business as well as individual user who is part of a larger organization.

Richards, T., Schou, C.D. & Fites, P.E. “Information Systems Security Laws and Legislation,” in Information Security Modules, Department of Defense, 1989.

Richards, et. al. review topics, timely laws and legislation about computer security as it relates to the individual and the organization.

Spiro, Bruce E. & Schou, Corey D., “System Security,” in Information Security Modules, Department of Defense, 1988.

“Systems Security” is an upper level module that gives a detailed review of security issues and the integration of these details into an organizational security program.