Using a Business Compromise Scenario to Teach Cybersecurity

  • Andrew D. WolfeJr.Email author


This paper presents the experience of reworking an existing master’s-level course in database security to absorb new developments in the field and to better satisfy many divergent learning objectives. Regarding cybersecurity, the course is introductory; it is a semi-advanced course, however, as regards database theory and practice. The course is also delivered in both online and in-person modes. The primary teaching vehicle for the class is a business scenario, as realistic as possible, with a virtualized simulation of that business. The progressive application of security measures to that business aims to simultaneously teach cybersecurity fundamentals and practical, professional techniques in database administration for security. We present some experiences from the initial presentation of this course.


Cybersecurity Information security Pedagogy Simulation Gamification Cybersecurity education Database management 


  1. 1.
    D.D. Clark, D.R. Wilson, A Comparison of Commercial and Military Computer Security Policies, 1987CrossRefGoogle Scholar
  2. 2.
    B.W. Lampson, Computer security in the real world. IEEE Comput. 37(6), 37–46 (2004)CrossRefGoogle Scholar
  3. 3.
    N. Basit, A. Hendawi, J. Chen, A. Sun, A learning platform for SQL injection, in 50th ACM Technical Symposium on Computer Science Education (SIGCSE’19), Minneapolis, MN, 2019Google Scholar
  4. 4.
    P.P. Griffiths, B.W. Wade, An authorization mechanism for a relational database system. ACM Trans. Database Syst. 1(3), 242–255 (1976)CrossRefGoogle Scholar
  5. 5.
    S. Rizvi, A. Mendelzon, S. Sudarshan, P. Roy, Extending query rewriting techniques for fine-grained access control, in Proceedings of the 2004 ACM SIGMOD International Conference of Management of Data, 2004Google Scholar
  6. 6.
    Oracle Corporation, Using oracle virtual private database to control data access, in Oracle Database Security Guide, Oracle CorporationGoogle Scholar
  7. 7.
    S. McLeod, Kolb’s Learning Styles and Experiential Learning Cycle, 2017. Accessed 9 Apr 2020
  8. 8.
    P. Honey, A. Mumford, University of Leicester—Honey and Mumford. Accessed 9 Apr 2020
  9. 9.
    D.A. Kolb, Experiential Learning: Experience as the Source of Learning and Development (Prentice-Hall, Englewood Cliffs, NJ, 1984)Google Scholar
  10. 10.
    T. Lowe, C. Rackley, Cybersecurity education employing experiential learning, in Proceedings of the 2018 KSU Conference on Cybersecurity Education, Research and Practice, Kennesaw, GA, 2018Google Scholar
  11. 11.
    Bell, David E., Leonard J. La Padula, Secure Computing Systems: Mathematical Foundations, MITRE Technical Report MTR-2547, (The MITRE Corporation, Bedford, MA, 1973)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Department of Mathematics and Computer ScienceLoyola University New OrleansNew OrleansUSA

Personalised recommendations