NWI-IPC026
Web Security
Cursus informatieRooster
CursusNWI-IPC026
Studiepunten (ECTS)3
CategorieBA (Bachelor)
VoertaalEngels
Aangeboden doorRadboud Universiteit; Faculteit der Natuurwetenschappen, Wiskunde en Informatica; Informatica en Informatiekunde;
Docenten
Coördinator		dr. ir. E. Poll
Overige cursussen docent
Docent		dr. ir. E. Poll
Overige cursussen docent
Contactpersoon van de cursus		dr. ir. E. Poll
Overige cursussen docent
Examinator		dr. ir. E. Poll
Overige cursussen docent
Collegejaar2019
Periode
KW1  (02-09-2019 t/m 03-11-2019)
Aanvangsblok
KW1
Onderwijsvorm
voltijd
Opmerking-
Inschrijven via OSIRISJa
Inschrijven voor bijvakkersJa
VoorinschrijvingNee
WachtlijstNee
Plaatsingsprocedure-
Cursusdoelen
After the course, students can:
  • explain what the standard security problems in web-applications are (such as SQL-injection, XSS, CSRF, etc.) and how these work;
  • explain which countermeasures there are against these weaknesses, explain how these work, and apply some of these;
  • find and exploit such weaknesses in simple web-applications.
Inhoud
Most cyber security problems have their origin in software, and esp. software that operates via the internet. This course is about security vulnerabilities in web applications. It covers standard types of security vulnerabilities, how they can be exploited, what the underlying root causes are, and what can be done to prevent them, detect them, or mitigate their impact.
 
Niveau

Voorkennis
Databases (IPC024) and Security (IPC021)
Toetsinformatie
Mandatory project work and written exam
Bijzonderheden

Onderwerpen
This course discusses security problems on the web, the root causes, and countermeasures.
• HTML, URL, HTTP(S), JavaScript and the DOM, cookies
• standard security vulnerabilities in web applications: command injection, path traversal, PHP injection, SQL injection, XSS, CSRF, clickjacking, UI redressing, ...
• prevention, detection (dynamic and static), and exploitation of these vulnerabilities
• attacker (business) models
• online privacy and authentication

Toetsinformatie
Mandatory project work and written exam

Voorkennis
Databases (IPC024) and Security (IPC021)

Verplicht materiaal
Blackboard
Material is made available via the course web site.

Aanbevolen materiaal
Boek
Introduction of Computer Security, by Michael Goodrich & Roberto Tamassia , Pearson New International Edition
ISBN:9781292025407

Werkvormen
Computerpracticum

Cursus
AanwezigheidsplichtJa

Hoorcollege

Zelfstudie

Toetsen
Tentamen
Weging1
ToetsvormTentamen
GelegenhedenBlok KW1, Blok KW2

Practicumopdrachten
Weging0
ToetsvormOpdracht
GelegenhedenBlok KW1