WEB SECURITY

Academic year
2023/2024 Syllabus of previous years
Official course title
WEB SECURITY
Course code
CM0630 (AF:451567 AR:245295)
Modality
On campus classes
ECTS credits
6 out of 12 of INTERNET SECURITY
Degree level
Master's Degree Programme (DM270)
Educational sector code
INF/01
Period
2nd Semester
Course year
1
Where
VENEZIA
Moodle
Go to Moodle page
The course aims to provide the fundamental concepts and techniques for developing secure web applications. The student will learn the main web vulnerabilities and the appropriate defenses to put into practice against possible attackers.
- knowledge of basic concepts and techniques for the development of secure web applications;
- knowledge of the main attack and defense techniques;
- development of skills for the application of concepts to the analysis of real systems.
It is required basic knowledge of programming (imperative programming and scripting), computer networks and cryptography.
Web security: client-side security, server-side security, secure communication, web protocols. Outline of selected research topics.
The following books are optional and recommended to students who want to get a more in-depth understanding:

W. Du - Internet Security: A Hands-on Approach (2019)
Sullivan & Liu - Web Application Security, A Beginner's Guide (2011)
Zalewski - The tangled Web: A Guide to Securing Modern Web Applications (2011)
Onofri, Onofri - Attacking and Exploiting Modern Web Applications (2023)
The exam consists of a written test that aims at verifying the knowledge of the different topics of the course. The course also includes a series of optional assignments aimed at deepening specific topics of the course, which integrate the mark of the written test. The written test contributes to 75% of the final mark, while the exercises contribute to the remaining 25%.
Theoretical lectures in class;
Online resources (lecture notes and slides);
Labs and assignments.
English
written
Definitive programme.
Last update of the programme: 16/02/2024