Developing an Undergraduate Course Curriculum on Information Security

The teaching of Information Security has well-known difficulties. On one hand, security issues can arise in a broad spectrum of fields, and it is challenging to chose a subset of topics to fit into one (undergraduate) course as well as maintain a clear flow among the chosen topics. On the other hand, given the rapid advancement in the field of Information Security, it requires a continuous and pro-active effort to keep the course up-to-date. In addition, our prior teachings have also witnessed other challenges when teaching Information Security for undergraduate students. First, students are naturally interested in security skills with an attacking nature. A course design that favors the coverage of defensive skills thus may not be able to strongly stimulate the students' learning. Second, the job market places a large weight on certificates, which, should also be strongly tied to and reflected in the course curriculum of Information Security. To address above issues, we design a new course curriculum for an undergraduate level Information Security course. Our design possesses a few major features and novelties. First, we organize the covered security topics in a security spectrum and strike a balance of theory and practice among the topics. Second, we introduce modules to add build-in natures for actively keeping the covered security topics current. Third, we develop a group of labs that have equal emphasis on offensive and defensive skills to stimulate the critical thinking and interests of the students while addressing the associated legal and ethical implications. Fourth, we incorporate key knowledge set from entry level certification into the curriculum to assist students in obtaining security certificates.