Lecture: Software Security

Lecturer: Prof. Dieter Gollmann, Dipl.-Math. Sven Moritz Hallberg

Type: Lecture

Description:

- Reliability and Software Security
- Attacks exploiting character and integer representations
- Buffer overruns
- Vulnerabilities in memory management: double free attacks
- Race conditions
- SQL injection
- Cross-site scripting and cross-site request forgery
- Testing for security; taint analysis
- Type safe languages
- Development processes for secure software
- Code-based access control

M. Howard, D. LeBlanc: Writing Secure Code, 2nd edition, Microsoft Press (2002)
G. Hoglund, G. McGraw: Exploiting Software, Addison-Wesley (2004)
L. Gong, G. Ellison, M. Dageforde: Inside Java 2 Platform Security, 2nd edition, Addison-Wesley (2003)
B. LaMacchia, S. Lange, M. Lyons, R. Martin, K. T. Price: .NET Framework Security, Addison-Wesley Professional (2002)
D. Gollmann: Computer Security, 3rd edition (2011)



(D0.010): Thu. 19.10., Thu. 26.10., Thu. 02.11. 11:30 - 13:00, (A1.19.1): Tue. 24.10. 13:15 - 14:45

Appointments on Thu. 19.10. 11:30 - 13:00, Tue. 24.10. 13:15 - 14:45, Thu. 26.10., Thu. 02.11. 11:30 - 13:00

Term: WiSe 17/18

Requirements: Familiarity with C/C++, web programming

Performance Record: Written exam

Stud.IP: Lecture: Software Security
