Enforcing Early Implementation of Information Assurance Precepts Throughout The Design Phase
Ken Trimmer, Corey Schou, and Kevin Parker
Secure information systems are of great concern to organizations and governments. However, the topic of information systems security is inadequately addressed in most textbooks commonly used in Systems Analysis and Design and Database Design courses. Students do not learn the importance of information security unless supplemental materials are provided. At best, information system security is often viewed as a broad non-functional requirement and as a late-binding decision in systems design. We propose using the Reference Monitor (RM) as a conceptual framework to introduce security into Systems Analysis and Database Design courses as well as subsequent design/ implementation courses.
Keywords: systems development life cycle, requirements analysis phase, design reference monitor, information assurance, McCumber, MSR model
Ken Trimmer is an Associate Professor of Computer Information Systems in the College of Business at Idaho State University. He holds a PhD. in Information Systems from the University of South Florida. His pedagogical research focuses on educational issues in systems analysis and design. Other current research interests focus on adoption and implementation issues with enterprise systems in academic institutions and healthcare. Dr. Trimmer has numerous publications in journals and conference proceedings, and reviews for both journals and conferences.
Corey Schou is a University Professor of Informatics and Associate Dean of Information Systems in the College of Business at Idaho State University. He holds a PhD from Florida State University. Dr. Schou is the director of the Informatics Research Institute and directs both NIATEC (National Information Assurance Teaching and Education Curriculum), part of Idaho State University’s National Center of Excellence for Information Assurance and the Simplot Decision Center. He has published numerous journal articles on Information Assurance and has focused on educational standards for this subject. Schou currently serves as the Chair of the Colloquium for Information Systems Security Education.
Kevin Parker is a Professor of Information Systems in the College of Business at Idaho State University. He holds a PhD. in Information Systems from Texas Tech University. Dr. Parker is an active participant in the research community, serving as editor of a journal and reviewing for numerous journals and conferences. His excellence in teaching and research has been recognized by the College of Business as an outstanding teacher and researcher.
Return to the Table of Contents