Margaret Schmit

Wilson
Writing 2
Due Nov 18, 2015
WP3
1. Start Here:
Youre a software engineer at BigCo, a company that develops software for healthcare
devices. Sacred Heart Hospital has recently hired your company to do an overhaul of all of
their computer security systems. As the top software security engineer at the company,
youve been put in charge of choosing which security system would be the best to keep
patient information safe and accessible at Sacred Heart. If you do your job well, you know
that theres a big bonus in store for you, as well as a possible promotion.
Your first is to decide what authentication tools the new software system should use.
Authentication tools are the devices that are used to authenticate the user and make sure that
whoever is accessing the information on your system is allowed to access that information.
For example, many websites use usernames and passwords as their authentication tool. When
choosing your authentication tool, it is important to remember that the information needs to
be secure, but also quickly accessible in times of crisis. If doctors cant log onto your system
fast enough, they may not be able to get the information they need and patients could die.
No pressure!
You have three options of which authentication tool to use:
If you want to use passwords as your authentication tool, go to 2
If you want to use fingerprint identification as your authentication tool, go to 3
If you want patients to wear mHealth devices as their authentication tool, go to 4
2. Passwords as your Authentication Tool
Youve chosen to use passwords as your authentication tool for your security system.
Passwords are mostly secure, but this authentication tool is vulnerable to outside cyber
attacks. Additionally, password entry disrupts the workflow of the doctors, leading to delayed
patient care in some hospital settings. This can be threatening to patient health in some
situations.
Proceed to 5
3. Fingerprint Identification as your authentication tool
Youve chosen to use fingerprint identification as your authentication tool for your
security system. This authentication tool is very secure, but requires doctors to take off their
gloves to access information in a hospital environment. This greatly delays patient care, and
threatens the lives of patients in many cases. Not the best choice in authentication tool, but
whats done is done.
Proceed to 5

4. mHealth Devices as your authentication tool

mHealth devices are mobile devices that allow doctors to access patient information.
Patients keep their devices on them at all times to allow them access to healthcare at a
moments notice. This authentication tool is secure and effective, except when patients forget
to carry their mHealth device with them.
Proceed to 5
5. Your Next Big Decision
Now that youve decided on an authentication tool you can focus on the software in the
system. Sacred Heart has a pre-existing security system that hasnt been updated since the
90s. This leaves it vulnerable to modern cyber attacks that software engineers 20 years ago
couldnt have known existed. You dont have a lot of time to work on this project, so you
have to decide which attacks are most important to protect the system from.
If you choose to protect the system from USB drive attacks, go to 6
If you choose to protect the system from network attacks, go to 7
If you choose to protect the system from both, go to 8
6. You protect the system from USB drive attacks
Modern systems are extremely vulnerable to malware that is entered into a system
through a USB drive. By protecting the system from USB drive attacks, you ensure that no
one can upgrade (aka change) your system and make sure the system only runs correct
software. However, this leaves the system vulnerable to network hackers who will try to
break into the system and steal patient information.
Proceed to 9
7. You protect the system from network attacks
Network attacks are from outside hackers who want to break in and steal patient
information. By protecting your system from network attacks, you ensure that patient
information remains private. However, this leaves the system vulnerable to USB Drive
attacks, that can change the system and make different software run on the system.
Proceed to 9
8. You protect the system from both USB drive and network attacks
You have chosen to try to protect your system from both USB and network attacks. This
helps ensure that patient information is safe and that no one can make bad software run on
the system. However, you didnt have enough time to make your system run both of these
protections completely, so this system will require constant maintenance by your company.
Overall, you have chosen the most secure system, but it will cost you and your company
many days to maintain.
Proceed to 9
9. The End
You have successfully completed writing software for Sacred Hearts new computer
security system. The doctors and patients all thank you for your help in keeping this
important hospital running in the future.

As you can see, there is really no right or wrong answer when it comes to computer
security. Security is essential to our everyday lives, and software engineers are constantly
doing research and improving the current systems that we have. In the end, the best we can
do is make a decision and hope that the hackers just have a bad day.
THE END

Margaret Schmit
Wilson
Writing 2
Due Nov. 18, 2015
WP3 Analysis
Computers are something that almost everyone uses every single day. However, most
people, especially children, dont have the slightest idea how computer work. For example,
children create and use passwords for websites because the website tells them they hae to make
one. Rarely do general computer users understand what passwords are protecting them from, or
how computer security works to protect them, their information, and their identities. How can
kids know that they want to join the software engineer discourse community if they know
nothing about software engineers and computer security? Children, even older children, cant
read the articles and papers that are passed around this discourse community because the way the
papers are written, they can only be understood by experts in the field. Thats why, for my WP3,
I decided to translate an academic journal article Security for Mobile and Cloud Frontiers in
Healthcare by David Kotz, Kevin Fu, and Avi Rubin. I translated this article into a Choose-YourOwn-Adventure story, to make the content of the article both accessible and interesting for
middle-school age children to read.
The first choice I had to make for WP3 was to decide what genre I wanted to translate my
artile into. This article needed to be translated in a waythat maintained the general ideas of the
article, but was fun and easy for middle-school age children to read. The article contains too
much complex information to be stored in a poem or a limerick. Additionally, the article
presented a lot of different security options to the reader, and laid out the pros and cons of every

security choice a software engineer could make. At first, I thought that I should write ashort story
based on the article, to make the information in the article interesting. However, I discovered that
a short story based on the article would not allow the reader to explore every security option that
the authors of the article had laid out in the article. I then thought that a Choose-Your-OwnAdventure story might be a good choice to translate my article into. A Choose-Your-OwnAdventure story is designed to allow users to explore different options within their story, so it
would allow readers to explore the options within the article. Additionally, the Choose-YourOwn-Adventure story genre is designed to appeal to children who are around late elementary
school and middle school age, so this type of story would appeal to my intended audience.
Another task I faced when translating the article Security for Mobile and Cloud Frontiers
in Healthcare was to decide what the most important parts of the article were. When translating
something, it is important to remember that you cant translate everything ~ otherwise your
translation would be merely a copy of the original piece. I wanted to create Choose-Your-OwnAdventure story that captured the gist of the original piece, so I had to identify the most
important parts of the article. To do this, I used the information that we learned about in class
when reading Rosenburgs Reading Games. In her article, Rosenburg describes techniques to
reading and understanding scholarly articles. Rosenburg advises readers to read section headings
before delving into a text because they give you a sense of the trajectory of the text
(Rosenburg). In other words, section headings tell the reader what the author thinks is the most
important part of each section, and therefore gives clues to what is the main idea of the article.
For example, in my article, one of the section headings was Usable authentication tools (Kotz,
Fu, and Rubin). Authentication tools are mentioned in a section heading, therefore they must be
pivotal to the general trajectory of the article. Things that are pivotal to a text should be included

in a translation of that text, because the text would not be the same without them. This is one
methods I used to determine what the main points of the article were, and what points I should
include in my Choose-Your-Own-Adventure story.
Another aspect of translating a text from one genre to another is deciding how to cut the
text down. Once you have the main points, you need to cutout the unnecessary or frivolous stuff
from your translation. McCloud references how to do this in his comic Writing With Pictures.
McCloud says that a storys moments should be like a dot-to-dot puzzle and that if removing a
dot doesnt change the shape of a story then maybe that particular dot wasnt needed in the first
place (McCloud). So, using McClouds metaphor, I had to choose which of the dots (or points)
were necessary for the telling of this article, and which were not. I did this by using McClouds
advice, and seeing if I could maintain the basic messages of the article after removing certain
details from the story. If the basic messages of the article remained after a part was removed, I
knew that that part didnt need to be included in my translation. For example, a lot of the details
explaining how computer security were removed from my story, because I just needed children
to understand that basic ideas behind computer security, not the details behind it. Using this
method, I could cut the paper down to just the barebones information that was necessary to the
telling of the story.
After determing the overlying messages and removing the extraneous parts of the article,
I had to actually translate the article. To do this, I used the advice in Mike Bunns How to Read
Like a Writer class reading. Bunn says that, when you read a text, you should always consider the
writers purpose and intended audience before reading. I flipped this suggestion, and before
writing I thought about what purpose and intended audience I had. I wanted to write a piece that
would engage the middle school audience I had decided on. Additionally, my purpose in writing

this piece was to make the article understandable on a juvenile level. After considering these
questions, I set about writing my piece, making sure to include all of the points that I had
determined were important. I used the original article as a guide/outline for my story, so that I
made sure that I was loyal to the original article. I really focused on making conscious choices to
achieve my purpose for writing this paper.
I think I achieved my purpose in writing my paper, but I dont think I would have done as
well if I hadnt gone through this process of determining the main points, eliminating extraneous
moments, and making conscious writing decisions.