Development of Safe and Secure SoftwareLaajuus (5 cr)

Objective

A student knows issues considering secure and safe software, especially in web environment.
A student knows many different ways to make secure web-applications and protect a web server and he/she can make a safe user database and he/she can make many different security tests for it.

Content

- Open Web Applications Security Project OWASP
- SAMM (Software Assurance Maturity Model)
- ASVS (OWASP Application Security Verification Standard)
- OWASP TOP 10 -list
- network security
- different vulnerabilities of web applications and how to protect web applications against them.
- Apache web server, installing and configuring
- safe programming with different programming languages
- safe database connection (e.g. MySQL)
- user databases
- Google Hacking
- certificates and https-protocol
- penetration testing
- server hardening

Qualifications

Web Programming skills (JavaScript, PHP)

Assessment criteria, satisfactory (1)

The student has achieved the course objectives fairly. The student will be able to identify, define and use the course subject area’s concepts and models. The student has completed the required learning exercises in minimum requirement level.

Assessment criteria, good (3)

The student has achieved the course objectives well, even though the knowledge and skills need improvement on some areas. The student has completed the required learning exercises in good or satisfactory level.

Assessment criteria, excellent (5)

The student has achieved the objectives of the course with excellent marks. The student master commendably the course subject area’s concepts and models. The student has completed the required learning exercises in good or excellent level.

Assessment criteria, approved/failed

The student has achieved the course objectives fairly. The student will be able to identify, define and use the course subject area’s concepts and models. The student has completed the required learning exercises in minimum requirement level.