[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.1145/3502717.3532125acmconferencesArticle/Chapter ViewAbstractPublication PagesiticseConference Proceedingsconference-collections
poster

Can We use Authentic Learning to Educate Students about Secure Infrastructure as Code Development?

Published: 07 July 2022 Publication History

Abstract

Despite yielding benefits for organizations, infrastructure as code (IaC) scripts are susceptible to security weaknesses, such as hard-coded passwords. Existence of such security weaknesses necessitate integration of education materials related to secure development of IaC scripts. In this preliminary work, we describe our experiences of how application of authentic learning helped students learn about secure development of IaC scripts. Our paper shows education materials based on authentic learning to help students learn about secure IaC development.

References

[1]
Faith W Maina. 2004. Authentic learning: Perspectives from contemporary educa- tors. (2004).
[2]
Kai Qian, Dan Lo, Reza Parizi, Fan Wu, Emmanuel Agu, and Bei-Tseng Chu. 2018. Authentic Learning Secure Software Development (SSD) in Computing Education. In 2018 IEEE Frontiers in Education Conference (FIE). 1--9. https://doi.org/10.1109/ FIE.2018.8659217
[3]
Akond Rahman and Laurie Williams. 2021. Different Kind of Smells: Security Smells in Infrastructure as Code Scripts. IEEE Security Privacy 19, 3 (2021), 33--41. https://doi.org/10.1109/MSEC.2021.3065190

Cited By

View all
  • (2024)Authentic Learning on DevOps Security with Labware: Git Hooks To Facilitate Automated Security Static Analysis2024 IEEE 48th Annual Computers, Software, and Applications Conference (COMPSAC)10.1109/COMPSAC61105.2024.00388(2418-2423)Online publication date: 2-Jul-2024
  • (2023)An empirical study of task infections in Ansible scriptsEmpirical Software Engineering10.1007/s10664-023-10432-629:1Online publication date: 29-Dec-2023

Index Terms

  1. Can We use Authentic Learning to Educate Students about Secure Infrastructure as Code Development?

    Recommendations

    Comments

    Please enable JavaScript to view thecomments powered by Disqus.

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    ITiCSE '22: Proceedings of the 27th ACM Conference on on Innovation and Technology in Computer Science Education Vol. 2
    July 2022
    686 pages
    ISBN:9781450392006
    DOI:10.1145/3502717
    Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 07 July 2022

    Check for updates

    Author Tags

    1. devops
    2. devsecops
    3. infrastructure as code

    Qualifiers

    • Poster

    Funding Sources

    • U.S. National Science Foundation

    Conference

    ITiCSE 2022
    Sponsor:

    Acceptance Rates

    Overall Acceptance Rate 552 of 1,613 submissions, 34%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)12
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 01 Jan 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)Authentic Learning on DevOps Security with Labware: Git Hooks To Facilitate Automated Security Static Analysis2024 IEEE 48th Annual Computers, Software, and Applications Conference (COMPSAC)10.1109/COMPSAC61105.2024.00388(2418-2423)Online publication date: 2-Jul-2024
    • (2023)An empirical study of task infections in Ansible scriptsEmpirical Software Engineering10.1007/s10664-023-10432-629:1Online publication date: 29-Dec-2023

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Media

    Figures

    Other

    Tables

    Share

    Share

    Share this Publication link

    Share on social media