Use the Tab and Up, Down arrow keys to select menu items.
This course provides students with skills to design and implement secure application programs, which are not vulnerable to malicious attacks.
This course is concerned with designing and implementing secure application programs, that is,programs that are not vulnerable to malicious attacks. By the end of the course, students shouldbe familiar with why security is important, what types of vulnerabilities can be present in software,how they can be exploited, and how to go about developing software that is sufficiently secure. Thecourse involves significant practical work including assignments. Design of secure web service infrastructure including topics such as: security requirements definition, system specification, security procedure definition and security management and audit, threat and vulnerability analysis, information leakage, integrity violation, Denial of Service (or - how to build a secure web-based infrastructure). Security of web server design is an important part of this course.Topics include: Types of vulnerabilities and how they arise Best software development principles and practices Goals of secure and trusted software Exploitation of vulnerabilities, e.g. buffer overflows etc Principles of security architecture, e.g. input validation, principles of least privilege etc Design and implementation of secure web servers Design and implementation of secure applications Secure operations (Security features are not necessarily secure features) Use of encryption and authentication Automation and testing Security case studies.
Subject to approval of the Head of Department.
For further information see Computer Science and Software Engineering Head of Department
Library portalCosc424 Home
Domestic fee $815.00
International Postgraduate fees
* All fees are inclusive of NZ GST or any equivalent overseas tax, and do not include any programme level discount or additional course-related expenses.
For further information see Computer Science and Software Engineering .