“…These topics include security concepts (e.g., data confidentiality, integrity and availability), protection methodologies (e.g., access control models, cryptography, and Oracle Label Security), and known attacks (e.g., SQL Injection). Similarly Yang introduces a set of topics to be covered in information security and auditing at the university level; these are "database basics, access control theories, application security, virtual private database (VPD), and database auditing [28]." While Schweitzer and Boleng do not present an approach for teaching these courses, Guimareas et al [12], Shweitzer and Brown [25], and Yang [28] present ideas for interactive learning of security concepts.…”