Secure Web Applications


This module is designed to provide students with the knowledge and skills required in order to develop secure web applications. It is designed for students who are developing web applications in related modules, the students will be able to implement these security features in both individual projects and group projects.

Learning Outcomes

  1. Define the basic principals of, and motivations for, Web security.

  2. Perform a threat analysis of Web-accessible assets.

  3. Use knowledge of authentication, Security Identifiers (SIDs), Access Control Lists (ACLs), impersonation, and the concept of running with least privilege to  ensure access to only those system resources that are necessary to accomplish normal request processing.

  4. Protect file system data.

  5. Protect the portion of a Web application that requires private communications by using Secure Sockets Layer (SSL).

  6. Use general security coding best practices to help ensure a security-enhanced Web application.

  7. Build security-enhanced Web applications.

  8. Employ a structured approach to testing for Web application security.

% Coursework 30%
% Final Exam 70%