Syllabus e-safety

De Wiki ECOPOL
Révision datée du 6 juin 2011 à 17:01 par Remilevy (discussion | contributions) (Privacy and data management)

e-GUARDIAN - Syllabus V.2.x

Introduction : aims & resources

Aims

This wiki page aims at facilitating a collaborative synergic process for defining the syllabus on netsafety of the EU LdV e-Guardian project. Participants are delagtes of partner's institutions from Lithuania, Latvia, Germany and Switzerland.

The resources are :

A web-based social bookmarking working group

on here on Diigo, we can post all related useful information on netsafety, such as :

- definition of key-words

- examples of quizz, pedagogical scenarios and other pedagogical resources

- related scientific articles

- other relevant initiatives

Guidelines for the syllabus

They wwere provided by the project's team coordinated by the LIA organisation, and specially the syllabus workpackage leader, ecdl.lt, represented by Engenijus Telesius and his team composed of Renata Danieliene & Tomas Lygutas, which is complemented by partner's delegate Algimantas Merkys (LIA, the coordinator's team), Dennis Krannich (Bremen Univbersity), Théo Bondolfi & Rémi Lévy (APTES Switzerland).


These guidelines are :

1. Focus on e-safety offline as well as online, therefore always taking into account basic needs (such as password storage) as well as complex needs (such as behaviour in web2 environments).

2. Taking into account all key-points in this initial version, and considering these key-point as "objects" whcih can be replaced in other forms but which must stay available.

3. respecting the steps of user point of view (example : 1 start computer, 2 launch application...)

4. restructuring with categories and sets like in the policies of ECDL [1]

5. keeping as much as possible the existing phrases and formulations, only changing (merging, repositioning, pionderating) when it suits the next step of test/scenarios

6. Keeping in mind the final intention of equity between risks & opportunities proposing positive practices (opportunities, in an educative perspective) and preventing bad practices (risks, which creates fear), based on the vision of the slide 10 of this presentation of Anne Collier, which says that netsafety3.0 should be :

- research-based, not fearbased, therefore relevant

- flexible & layered, instead of "one-size-fits-all"

- respectful of learning culture : stakeholders in positive experience, not just potential victims

- positive, empowering : not just safety from, but safety for...

- full, constructive engagement in participatory society (that's the context of the construction of this syllabus)


Mind mapping for the key-notions of the syllabus

Erreur lors de la création de la miniature : Fichier manquant

In addition, Rémi Levy from APTES has produced a mind mapping image to represent all the notions for the e-safety syllabus. You can access to the interactive map - You can modify it directly because we keep a copy of the precedent contribution.

Basic knowledge on e-safety

1.1. History : from static web1 to dynamic web2 environements

1.2. Intention : web3 proposing constructive engagement in participatory society (or : security through light instead of old model of security through obscurity),

1.3. Know about equity between opportunities & risks since web2

1.4. Know about netiquette and other basic codes of conducts in the cyberspace (RFC 1855)

1.5. Know about social engineering and it’s methods, including participative culture and abuses if you don't understand/respect them, for example having your password stolen (to be reformulated)

1.6. Understand the differences of contents (functional, factual, creative) of information

1.7. Understand the diffrences of formats (open, privative)

1.8. Understand the notion of Identity (maybe to be repositionned in some other chapter)

1.9. eTools : Product versus function

1.10. Be aware of different identity for authorization theft methods (skimming, pretexting, shoulder surfing, information diving…) must be repositionned into the scam/hoax (chapter 5 or 6)

1.11. Be aware of privacy protection legal act (be aware of the responsibility for own actions on the Internet: do not publish the information without permission, be responsible by writing comments, do not download music, movies and so on).

1.12. Organizational security (school security) – or social engineering?, usage of school web pages, content publishing, access

Privacy and data management

2.1. Understand the opportunities and risks of (digital) data management from fully collaborative to full privacy.

2.2. Know about multi-layer password creations and changing and keeping password policies.

2.3. Know about safe computer login methods.

2.4. Understand the meaning and importance of access rights.

2.5. Know multiple user accounts on various digital environments. Understand what a personal user account is and how data of different users is separated.

2.6. Be aware of data encryption, decryption and password protected files, transfer ?.

2.7. Understand what intellectual property on Internet is and be aware of privacy protection legal act.

2.8. Understand the benefits and purpose of data and backups and be able to restore lost data.

2.9. [2.9 & 1.11 to me merged "Privacy Management"- RL] Know how to start and finish safe browsing session (https, lock icon, always logout and close the browser window). Know consequences of not safe browsing.

2.10. Know how to browse the Web securable. Know about advantages, disadvantages and dangers of Internet cookies. Know about tools that ensure safety when browsing the Internet (blocking of cookies, ActiveX control, etc.)
2.11. [#Privacy-RL] Be able to manage, clear temporary Internet files, browser history, passwords, cookies, and autocomplete data.

Security tools and network security

3.1. Know computer network types and why protection is needed. local area network (LAN), wide area network (WAN), virtual private network (VPN)

3.2. Know different network connection methods (Mobile networks, Wireless, Cable).

3.3. Sharing and accessing resources over network (files, printer, screen),

3.4. Understand safety means of computer networks (Firewall, Antivirus, Password protection, Connection encryption – wireless)

3.5. Be able to use standard OS integrated protection tools.

3.6. #see how integrate 3.5 to 2.11 : "All about maleware and intrusion protection tools" - RL Know what a quality anti-virus, anti-spyware, spam blocker, and personal firewall is and how to use it. (Be able to turn on / off and adjust protection level in standard security means that are integrated in the operating system (Firewall, Protection tools, etc.), know that it is unsafe to turn antivirus software off and know consequences). Distinguish different modes of antivirus protection (active, passive…).

3.7.[#Updating operating system- RL]. Know how to follow, download and use updates for your operating system, software and importance of antivirus definition files. Understand the benefits of these updates.
3.8. Distinguish different modes of antivirus protection (active, passive…).[# see also 3.6]
3.9. Know what has to be done and in what order, if you suspect that computer system is infected.
3.10. Distinguish infected files deletion, quarantining and curing.
3.11. Informal and formal periodic external checkup.

Children, newcomers in schools and workplaces : means of safe use for socio-digital inclusion

4.1. Understand the impact of communication with new users about safety in IT World,

4.2. Policy : Be able to develop policies and applicate methods for children’s use of the computer and the Internet (depending on age and socio-cultural situation)

4.3. Understand the purpose of monitoring, filtering and controlling tools against children computer usage and web browsing.

4.4. Understanding advantages and limitations with protection software.

Social networks and safe usage of the Internet

5.1. Know when and in which cases personal information can be published on the Internet, i.e. status publishing about leaving home,.

5.2. Understand what a social network is, what are opportunities and risks of social network. Age groups of using social networks. Options and parameters for information disclosure. Understand that it is not safe to disclose information about user accounts, passwords and so on.

5.3. Know different social network types and be able to use them harmless and safe (appropriate account privacy settings).

5.4. (Publishing content)Know what type of information recommended to be published on social network, be responsible for published content, know impacts

5.5. Be able to safely connect to e-Services and secure environments– connecting and using, recover lost passwords.

5.6. (Emails)Be able to send/receive e-mail securely. Know how to reject email from specific email addresses. Know how to treat email messages from unknown senders

5.7. (Spam and malware) Be able (understand) to use network resource controlling software and hardware. Know about email that is classified as spam, and email messages infected with malware.

5.8. Be aware of network resource controlling software and hardware. Know how to reject email from specific email addresses.Know about scam, hoax, chain letters...[5.7 & 5.8 to be merged - RL]

5.9. Understand threats of virtual communication: virtual dating, bullying, commenting,

5.10. Dependency and addiction to the Internet. [# to be develop - TL]

5.11. Understand 'threats of inappropriate content for different groups of people (duality of personality, psychological harm, racism, religious sect, alluring to buy something or disclose your information, information about drugs, violence and so on)

5.12. Reliability of information (Understand that it is not safe to disclose information about user accounts, passwords and so on. can not fully trust content and identities on the internet. (i.e. blogs, Wikipedia, etc).

5.13. Reputation management. Know who you should contact if you discovered inappropriate information about you or your related digital identities. .

5.14. Abuse management, cyber bullying, cyber-mobbing, when is it possible to remove, when to put additional correct information.

5.15.