Module Code SET09603
Module Title Advanced Web Development
Examples of Equivalent Learning Experience in object-oriented high-level programming language and web-based programming languages and frameworks.

12. Module Content
The aim of this module is to teach the theory and practice of secure software development in the context of managed languages (e.g. Java and C#) and in web-based solutions (e.g. JavaScript and online data sources). As such, the module will cover both managed software development and web-based software development, and how we can integrate security throughout the Software Development Lifecycle (SDLC). An indicative list of the topics includes:

Secure software – The SDLC and security, security architectures, legacy systems
Web Technologies – including overview, Server configuration, HTTP, Web services, Authentication mechanisms, Session management
Software vulnerabilities – including OWASP Top 10, common coding errors
Web application security – including XXS, CSRF, Authentication bypass, XXE
Database Security – SQLi
Server-side and Client-side Security – including preventing client and server attacks

Data validation – including input validation, encoding, parameterised queries
Encryption - including certificates, and Architectures such as JCA
Security Testing
Source Code Review – including Code Analysis Tools

Upon completion of this module you will be able to
LO1: Construct a software system in a managed programming language to meet secure software requirements.
LO2: Construct a software system using web technologies to meet secure software requirements.
LO3: Evaluate software systems through a formal process to examine its security capabilities.
LO4: Integrate secure software practices into a software development lifecycle.
LO5: Critically reflect on secure software requirements.

Please contact your Module Leader for details
Click here to view the LibrarySearch.