Workshops‎ > ‎cs-ga-2011‎ > ‎

Alexandra Savelieva and Sergey Avdoshin

National Research University “Higher School of Economics”, Russia


Sergey Avdoshin:

Sergey Avdoshin, Professor, PhD, holds a position of Head of Software Engineering Department at National Research University “Higher School of Economics”. Prof. Avdoshin was Head of Computer Science Department in Tsiolkovsky Russian State Technological University, president of Apple University in Russia and Head of Federal Certification Centre affiliated branch before joining the faculty of HSE. He is promoting the development of new professional standards for IT industry and Federal educational standard for new higher professional education in Russia. 

Prof.Avdoshin is working on bridging the gap between academic institutions and commercial organizations by building partnerships with the leaders of world software industry. Thanks to his efforts, HSE has become the latest educational institution to endorse the IEEE Computer Society’s Guide to the Software Engineering Body of Knowledge (SWEBOK) and the Certified Software Development Associate (CSDA) credential in 2010. Prof. Avdoshin is a member of ACM and IEEE professional societies, corresponding member of World Academy of Sciences for Complex Security and Associate Academician of World Informatization Academy.

Alexandra Savelieva:
Alexandra Savelieva is a post-graduate student at Higher School of Economics. Under the supervision of Dr. Prof. Avdoshin she has been engaged in research work in cryptography and cryptanalysis since her 3rd year in Russian State Technological University where she obtained a BSc in Computer Science degree with honours in 2006. She continued her education at Higher School of Economics and received a MSc in Business Informatics, honours, in 2008. Alexandra has received support from a government grant for her PhD research project.

In autumn 2010, Alexandra was visiting Microsoft Research, Redmond to participate in internship project in the field of symmetric cryptography and cryptanalysis headed by Dr. Dmitry Khovratovich.

Alexandra was recognized for outstanding research results by The Ministry of Education and Science of the Russian Federation (Diploma for the best students’ research in 2006). For her strong academic achievements, she was a President’s scholar in 2006/2008 and Russian Government scholar in 2007/2008, 2008/2010.

As of September 2008, Alexandra took a part-time job of a lecturer at Higher School of Economics. She is actively participating in the life of research communities in Russia by reporting the research results at professional conferences and workshops on Information Security and Software Engineering. Alexandra has over 30 publications on solving linear systems over residue rings, cryptanalysis methods, practical application of cryptography in software products, and efficiency of investments in information security systems.

Information Security Education and Awareness: Start with a Story

In this paper we propose a new approach to teaching practical information security in higher school based on case studies. We justify its place in information security curriculum by providing an example from our experience of teaching BSc and MSc students of Higher School of Economics . This paper fills the gap in existing practices for teaching information security which currently lack in guidelines for writing case
studies and integrating them into the curriculum of information security disciplines.

Keywords: information security, case study, risk management, best practices

Case study method was introduced in the beginning of 20th century in Harvard Business School primarily for development of analytical and problem-solving skills among training lawyers and managers. Today demand is growing for information security experts capable of acting in situations that involve risk or uncertainty, analyzing problems and making rational decisions. However, academic curricula still tend to focus on technical rather than human and risk management aspects of information security.

In this paper we demonstrate how case study method allows to create a learning environment that fosters the development of skills that information security professionals need for analyzing situations and making decisions in the real world. We outline potential problems an information security course instructor will face when trying to apply this method and share our experience in dealing with these difficulties. We demonstrate how to build a fascinating and relevant story from scratch without much efforts from the teacher but high benefit to the audience.

We present some facts on the improvements of information security education that we achieved so far in Higher School of Economics, e.g. substantial increase of students attendance rate and reduction of plagiarism in course projects. The approach we present has been recognized as high potential and received grants from Microsoft and Fund for Educational Innovations.