License: Creative Commons Attribution 4.0 International license (CC BY 4.0)
When quoting this document, please refer to the following
DOI: 10.4230/OASIcs.ICPEC.2021.11
URN: urn:nbn:de:0030-drops-142276
URL: https://drops.dagstuhl.de/opus/volltexte/2021/14227/
Go to the corresponding OASIcs Volume Portal


Zhao, Tiange ; Gasiba, Tiago Espinha ; Lechner, Ulrike ; Pinto-Albuquerque, Maria

Exploring a Board Game to Improve Cloud Security Training in Industry (Short Paper)

pdf-format:
OASIcs-ICPEC-2021-11.pdf (0.7 MB)


Abstract

Nowadays, companies are increasingly using cloud-based platform for its convenience and flexibility. However, companies still need to protect their assets when deploying their infrastructure in the cloud. Over the last years, the number of cloud-specific vulnerabilities has been increasing. In this work, we introduce a serious game to help participants to understand the inherent risks, understand the different roles, and to encourage proactive defensive thinking. Our game includes an automated evaluator as a novel element. The players are invited to build defense plans and attack plans, which will be checked by the evaluator. We design the game and organize a trial-run in an industrial setting. Our preliminary results bring insight into the design of such a game, and constitute the first step in a research using design science.

BibTeX - Entry

@InProceedings{zhao_et_al:OASIcs.ICPEC.2021.11,
  author =	{Zhao, Tiange and Gasiba, Tiago Espinha and Lechner, Ulrike and Pinto-Albuquerque, Maria},
  title =	{{Exploring a Board Game to Improve Cloud Security Training in Industry}},
  booktitle =	{Second International Computer Programming Education Conference (ICPEC 2021)},
  pages =	{11:1--11:8},
  series =	{Open Access Series in Informatics (OASIcs)},
  ISBN =	{978-3-95977-194-8},
  ISSN =	{2190-6807},
  year =	{2021},
  volume =	{91},
  editor =	{Henriques, Pedro Rangel and Portela, Filipe and Queir\'{o}s, Ricardo and Sim\~{o}es, Alberto},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/opus/volltexte/2021/14227},
  URN =		{urn:nbn:de:0030-drops-142276},
  doi =		{10.4230/OASIcs.ICPEC.2021.11},
  annote =	{Keywords: cloud security, cloud control matrix, shared-responsibility model, industry, training, gamification}
}

Keywords: cloud security, cloud control matrix, shared-responsibility model, industry, training, gamification
Collection: Second International Computer Programming Education Conference (ICPEC 2021)
Issue Date: 2021
Date of publication: 01.07.2021


DROPS-Home | Fulltext Search | Imprint | Privacy Published by LZI