Full Title: Computer Security for Software Developers
Language of Instruction: English
Module Code: CSYS C7Z17
Credits: 5
Valid From: Semester 1 - 2014/15 (September 2014)
Module Delivered in 1 programme(s)
Module Description: Students completing this module will have an understanding of the most common security threats and attacks, develop an understanding of how to discover vulnerabilities and be aware of how to select appropriate security controls and defenses.
Learning Outcomes:
On successful completion of this module the learner should be able to
  1. Illuminate the need for security at the design phase of an application and identify risk
  2. Discuss the legislation and ethical issues relating to privacy and confidentiality, specifically when holding user data
  3. Demonstrate a clear understanding of the OWASP top 10 vulnerabilities
  4. Design and incorporate software defences against the top 10 vulnerabilities
  5. Identify and deploy appropriate risk mitigation solutions
 

Module Content & Assessment

Indicative Content
Introduction
Program security flaws, OWASP, malicious and nonmalicious
Privacy
Privacy-Enhancing and Privacy-Aware methodologies and technologies, relevant legislation
Authentication & Authorization
Authentication implementation flaws, Securing authentication, Access Control, Session Management
Browser Security Principles
Cross Site Scripting, Cross Site Request Forgery
Database Security Principles
SQL Injection, LDAP Injection
Buffer Overflow Vulnerabilities
Detecting, exploiting, and preventing buffer overflows
Assessment Breakdown (%)
Course Work: 50.00%
End of Module Formal Examination: 50.00%

Full Time

Course Work
| Assessment Type | Assessment Description | Outcome addressed | % of total | Marks Out Of | Pass Marks | Assessment Date | Duration |
|---|---|---|---|---|---|---|---|
| Essay | Outline the importance of implementing good security practices when developing software applications | 1,2 | 10.00 | 0 | 0 | n/a | 0 |
| Project | Develop a small secure software application | 4,5 | 20.00 | 0 | 0 | n/a | 0 |
| Project | Carry out a penetration test of a software application with known vulnerabilities | 1,3 | 20.00 | 0 | 0 | n/a | 0 |
No Project
No Practical
End of Module Formal Examination
| Assessment Type | Assessment Description | Outcome addressed | % of total | Marks Out Of | Pass Marks | Assessment Date | Duration |
|---|---|---|---|---|---|---|---|
| Formal Exam | End-of-Semester Final Examination | 1,2,3,4 | 50.00 | 0 | 0 | End-of-Semester | 120 |

Part Time

Course Work
| Assessment Type | Assessment Description | Outcome addressed | % of total | Marks Out Of | Pass Marks | Assessment Date | Duration |
|---|---|---|---|---|---|---|---|
| Essay | Outline the importance of implementing good security practices when developing software applications | 1,2 | 10.00 | 0 | 0 | n/a | 0 |
| Project | Develop a small secure software application | 4,5 | 20.00 | 0 | 0 | n/a | 0 |
| Project | Carry out a penetration test of a software application with known vulnerabilities | 1,3 | 20.00 | 0 | 0 | n/a | 0 |
No Project
No Practical
End of Module Formal Examination
| Assessment Type | Assessment Description | Outcome addressed | % of total | Marks Out Of | Pass Marks | Assessment Date | Duration |
|---|---|---|---|---|---|---|---|
| Formal Exam | End-of-Semester Final Examination | 1,2,3,4 | 50.00 | 0 | 0 | End-of-Semester | 120 |
Reassessment Requirement
A repeat examination
Reassessment of this module will consist of a repeat examination. It is possible that there will also be a requirement to be reassessed in a coursework element.
Reassessment Description
The case assignment(s) will be repeatable

DKIT reserves the right to alter the nature and timings of assessment

 

Module Workload & Resources

Workload: Full Time
| Workload Type | Workload Description | Hours | Frequency | Average Weekly Learner Workload |
|---|---|---|---|---|
| Lecture | The lecture will outline the theories of application security | 2.00 | Every Week | 2.00 |
| Practical | Implement the theories outlined in the lecture | 2.00 | Every Week | 2.00 |
| Directed Reading | Carry out further reading on the topics covered in lectures and labs | 2.00 | Every Week | 2.00 |
| Independent Study | Carry out further reading on relevant topics which have not been addressed during lectures and labs | 2.00 | Every Week | 2.00 |

Total Weekly Learner Workload: 8.00
Total Weekly Contact Hours: 4.00
Workload: Part Time
| Workload Type | Workload Description | Hours | Frequency | Average Weekly Learner Workload |
|---|---|---|---|---|
| Lecture | The lecture will outline the theories of application security | 2.00 | Every Week | 2.00 |
| Practical | Implement the theories outlined in the lecture | 2.00 | Every Week | 2.00 |
| Directed Reading | Carry out further reading on the topics covered in lectures and labs | 2.00 | Every Week | 2.00 |
| Independent Study | Carry out further reading on relevant topics which have not been addressed during lectures and labs | 2.00 | Every Week | 2.00 |

Total Weekly Learner Workload: 8.00
Total Weekly Contact Hours: 4.00
Resources
Recommended Book Resources
  • Chuck Easttom 2006, Computer Security Fundamentals, Prentice Hall [ISBN: 0131711296]
  • Gollmann, Dieter 2013, Computer Security, Wiley [ISBN: 9780470741153]
  • O'Reilly 2009, Beautiful Security [ISBN: 978059652748]
  • Prentice Hall, Security in Computing [ISBN: 0132390779]
  • Michael Howard, David LeBlanc, Writing Secure Code, Second Edition
  • Cannon, J.C., Privacy [ISBN: 9780321224095]
This module does not have any article/paper resources
Other Resources

Module Delivered in

| Programme Code | Programme | Semester | Delivery |
|---|---|---|---|
| DK_KCOMP_7 | Bachelor of Science in Computing | 5 | Group Elective 1 |