sec835 security in databases and web applications presentation
TRANSCRIPT
SEC835 Security in Databases and Web applications
Presentation
Objectives
Fundamentals of systems and software security
Information security threats and attacks Security services Secure software Databases security Web application security
Course Structure
Weeks 1 – 7 Fundamentals Threats and attacks Focused on Security Services, e.g. user
authentication, authorization, logging, testing
Course Structure
Weeks 8 – 17 Software security
Software vulnerabilities and controls Secure programming
Databases security Web application security
Course Implementation Strategy
Information security topic is large Key points selected Best industry practice is the base Theoretical materials Research projects in the lab Practice in identifying security
vulnerabilities and countermeasures
Students Evaluation
Lab completeness – 11% Assignments – 24% Mid-term test – 25% Final exam – 40%
Challenges
A lot of new terms and definitions Conceptual vision and analytical approach
required Writing in English required Presentations and discussions
Job searching tips
Include the appropriate message into your resume: Knowledge and tools that help in
Writing secure software, including web and database applications
GUI-based testing software for security
Focus on making practical reference tools you have developed yourself
Words of cautions
No intent of making you a security professionals
Intent is that working as a programmer, or tester, you understand related security issues and you have some knowledge of how to avoid them