As the number of software vulnerabilities discovered increases, the industry is facing difficulties to find specialists to cover the vacancies for security software developers. Considering relevant teaching and learning theories, along with existing approaches in software security education, we present the pedagogic rationale and the concrete…

Software security is inevitably dependent on developers' ability to to design and implement software without security bugs. Perhaps unsurprisingly, developers often fail to do this. Our goal is to understand this from a usability perspective, identifying how we might best train developers and equip them with the right software tools. To this end,…

Many of the software security vulnerabilities that people face today can be remediated through secure coding practices. A critical step toward the practice of secure coding is ensuring that our computing students are educated on these practices. We argue that secure coding education needs to be included across a computing curriculum. We are…

Information Technology (IT) skills gap discourse suggests a mismatch between what students are acquiring in terms of knowledge and skills in their education versus what employers believe are useful skills for doing day to day tasks. This study builds upon previous research (analyzing the skills of college students in IT-related majors) by…

Agile development methods have been proposed as a natural fit for mobile app development contexts. Despite many studies addressing the adoption of agile methods for traditional web and desktop applications, there is a lack of studies of how mobile app development teams can adopt agile methods and the challenges they are facing. Our study explores…

Faculty in the information systems (IS) and information technology (IT) fields are faced with the challenge to keep their curriculum relevant and current. What was taught two years ago will often be outdated and faculty must constantly update their curriculum on which courses should be taught as well as what should be taught within a particular…

Analysis of programming process data has become popular in computing education research and educational data mining in the last decade. This type of data is quantitative, often of high temporal resolution, and it can be collected non-intrusively while the student is in a natural setting. Many levels of granularity can be obtained, such as…

In the fields of information technology and information systems, faculty must consistently adjust the curriculum to meet the demands of the field. However, a challenge they often face is understanding what should be covered, especially given the limited number of courses most universities are able to offer. This research is a biennial report of…

In recent years, schools (as well as universities) have added cyber security to their computer science curricula. This topic is still new for most of the current teachers, who would normally have a standard computer science background. Therefore the teachers are trained and then teaching their students what they have just learned. In order to…

This paper presents the results of a comparison study between graduate students taking a software security course at an American university and international working professionals taking a version of the same course online through a free massive open online course (MOOC) created in the Google CourseBuilder learning environment. A goal of the study…

Despite the critical societal importance of computer security, security is not well integrated into the undergraduate computing curriculum. Security classes and tracks treat security issues as separable topics as opposed to fundamental issues that pervade all aspects of software development. Recently, there has been an increasing focus on security…

Software vulnerabilities originating from insecure code are one of the leading causes of security problems people face today. Unfortunately, many software developers have not been adequately trained in writing secure programs that are resistant from attacks violating program confidentiality, integrity, and availability, a style of programming…

With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

Online education and computer-assisted instruction (CAI) have existed for years, but few general tools exist to help instructors create and evaluate lessons. Are these tools sufficient? Specifically, what elements do instructors want to see in online testing tools? This study asked instructors from various disciplines to identify and evaluate the…

With increasing demand of mobile devices and cloud computing, it becomes increasingly important to develop efficient mobile application and its secured backend, such as web applications and virtualization environment. This dissertation reports a systematic study of mobile application development and the security issues of its related backend. …