We present a concrete situation where there is a difference between the theoretical security of a cipher and its limitations when implemented in practice. Specifically, when entering a PIN, smudges on the keypad substantially reduce its security. We show how the number of possible keys in the presence of the "smudge attack" can be…

Higher Education institutions understand that there is a need to embed professional skills within degree programmes. However, evidence shows that graduates, whilst having developed good theoretical knowledge, lack experience and confidence when entering the workplace. Employers view the importance of degree-related skills as only a part of the…

As both the frequency and the severity of network breaches have increased in recent years, it is essential that cybersecurity is incorporated into the core of business operations. Evidence from the U.S. Bureau of Labor Statistics (Bureau of Labor Statistics, 2012) indicates that there is, and will continue to be, a severe shortage of cybersecurity…

This paper describes the implementation of an information security program at a large Midwestern university. The initial work is briefly summarized and improvements that have occurred over time are described. Current activities and future plans are discussed. This paper offers insight and lessons learned for organizations that have or are…

The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

One of the most important topics for today's information technology professional is the study of legal and regulatory issues as they relate to privacy and security of personal and business data and identification. This manuscript describes the topics and approach taken by the instructors that focuses on independent research of source documents and…

Using animated visualization tools has been an important teaching approach in computer science education. We have developed three visualization and animation tools that demonstrate various information security concepts and actively engage learners. The information security concepts illustrated include: packet sniffer and related computer network…

In a tight job market, IT professionals with database experience are likely to be in great demand. Companies need database personnel who can help improve access to and security of data. The events of September 11 have increased business' awareness of the need for database security, backup, and recovery procedures. It is our responsibility to…