Module Delivery
<< Home << Context << Content << Instructional Design Assessment>> Evaluation>>

 

 

The Database Disciplinary Commons

2010

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Delivery

There were 3 main aspects to delivery; Formal Lectures, Discussion Lectures and Practicals. This section of the portfolio is presented through the artefacts:

Formal Lecture

The coursework assignment asks students to write a paper which gives an overview of database security and then reviews one aspect of database security in detail. The students also create a Proof of Concept artefact to illustrate the topic they have chosen for detailed review. The artefact for this section is a formal lecture which introduces encryption in databases. The lecture was written on the basis that the whole topic would be new to most students and discussion during the lecture confirmed this. The aim of the lecture was to provide a basic introduction and to suggest the areas that students should investigate in depth. One thing that emerged from question and answer and student comments was that while all the students were aware of the importance of securing access to the database - all the students, for example, planned to encrypt passwords - only one student had had experience of working with encryption of data within a database.

Further Reading

Lectures are supported by further reading/research material/links posted on the VLE. Further reading for the Introduction to Database Security topic included links to the June 2008 Oracle Database Security Checklist and the Imperva Top Ten Database Security Threats white paper

Discussion Lectures

Discussion lectures were similar in format to the formal lectures, but there is less content in the lecture notes and more content generated by discussion and in-lecture activities. One lecture looked at the Google and E-Bay architectures based on a printed handout.

Practicals

The practicals were written to support the lectures and to allow students to explore concepts for themselves. The Encryption lecture, for example, was supported by a tutorial which allowed students to use full and partial data encryption in a DBMS and asked them to consider how secure this is, what the cost/benefit is, where and how this should be applied and how encryption linked to the management of permissions.

The artefact for this section is an SQL Injection practical which directs students to a database accessed via a web form, and asks them to trash the underlying database. This was one of the most popular tutorials, probably because it set the students a challenge rather than asking them to follow instructions. Students worked on the exercise outside class and some students used this as the basis for the proof of concept artefact developed for the coursework

Comment

One of the issues with delivery is always whether or not the students will turn up. Delivery may be great but if the students are not there to take part..... Attendance for the module was very good - virtually 100% for the Stuttgart cohort. Not quite as good for the UK cohort, but still good.

One of our other concerns was whether students would actually do the required research and read around the module topics. The quality of the extra reading, comprehension and application, varied from student to student but overall students took on board the fact that to pass the module, they had to go beyond the taught material. Some of the research produced was almost at masters' level. Delivery is much smoother when the teaching team can be confident that the students have done (or at least, will do) the underpinning work.

 
 
<< Instructional Design : Assessment>>