Semester: 6
ECTS: 5
Lectures: 30
Practice sessions: 30
Independent work: 90
Module Code: 24-121-0138
Module title:
Secure coding
Lecturers and associates:
Module overview:
This module introduces students to common security vulnerabilities and issues and teaches them how to write secure code that minimizes possible attack vectors.
This module is intended for students who already know how to write code and are interested in learning about security challenges and how to mitigate them by writing more secure code. Skills learnt in this module will contribute significantly to students’ development as professionals in their respective fields.
The module is taught in the Java programming language. The module assessment is based on solving a series of smaller practical tasks and on individual student projects. In these projects, students must create secure applications to the given specifications.
Students will learn:
About security vulnerabilities and security threats.
How to do static code analysis with current tools in order to detect issues.
How to secure communication between client and web application server.
About injection attack prevention techniques.
About safeguards to prevent potential attacks arising from insecure deserialization.
About user authentication methods to prevent unauthorized access to confidential data.
Literature:
Required readings:
1. Long, F. et al. (2013) Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs. 1st edn. Boston: Addison-Wesley Professional.
Supplementary readings:
1. Long, F. et al. (2011) CERT Oracle Secure Coding Standard for Java. 1st edn. Boston: Addison-Wesley Professional.