Hochschule Darmstadt - Fb Informatik

Module: Security of Web Applications

Security of Web Servers and Web Applications

Module numbers: 41.5040 [PVL 41.5041]
Study programme: Dualer Master 2013 - Katalog AS: Anwendungs- und systemorientierte Module
Dualer Master 2013 - Vertiefung IS: IT-Sicherheit
Master 2013 - Katalog AS: Anwendungs- und systemorientierte Module
Master 2013 - Vertiefung IS: IT-Sicherheit
Type of course: V+P = Lecture+Practical
Weekly hours: 2+2
Credit Points: 6
Registering for exam: implicitly by booking
PVL (e.g. Practical): not graded
Frequency of offering: (last offered in WS 2019/2020)
Required knowledge: Development of web applications in one of the following languages: PHP, Python, Java, Ruby, Go or NodeJS
Learning objectives: The students are able to
  • summarize key points of SSDLC
  • explain common vulnerabilities of web applications
  • identify vulnerabilities in web applications and create security fixes
  • perform security tests from an attacker's point of view
  • develop secure web applications
  • analyse and evaluate the security level of web servers and web applications
  • secure software development life cycle (SSDLC)
  • identify and prevent security flaws like injections, XSS, insecure session management
  • identify and correct design flaws like usage of insecure cryptographic ciphers
  • design and implementation of logging and audit trails
  • technical procedures and tools for vulnerability identification
  • development of security fixes for a vulnerable application (hands-on task)
  • use a continuous integration (CI) environment
  • usage of version control systems like git and SVN
  • test applications deployed on a web server and review the configuration management of web servers
Lecture style / Teaching aids: Fixing vulnerabilities in a web application and REST API.
The student can choose one of the following programming languages for the course: PHP, Python, Java, Ruby, Go or NodeJS.
Responsibility: Harald Baier
Released: WS 2018/2019
Offered in WS 19/20: Sauer, P.
Professional competencies:
  • formal, algorithmic, mathematical competencies: low
  • analytical, design and implementation competencies: high
  • technological competencies: high
  • capability for scientific work: medium
Interdisciplinary competencies:
  • project related competencies: high
  • interdisciplinary expertise: basic technical and natural scientific competence, basic legal competence
  • social and self-competencies: ability to work in a team, analytical competence, judging competence, deciding competence, competence of knowledge acquisition, presentational, documentary, teaching and mentoring competence

© 2008 - 2020 FBI OBS Team. All rights reserved.