Lecture: Software Security

Lecturer: Prof. Dieter Gollmann, Ann-Christine Kycler, M. Sc.

Type: Lecture

- Reliability and Software Security
- Attacks exploiting character and integer representations
- Buffer overruns
- Vulnerabilities in memory management: double free attacks
- Race conditions
- SQL injection
- Cross-site scripting and cross-site request forgery
- Testing for security; taint analysis
- Type safe languages
- Development processes for secure software
- Code-based access control

M. Howard, D. LeBlanc: Writing Secure Code, 2nd edition, Microsoft Press (2002)
G. Hoglund, G. McGraw: Exploiting Software, Addison-Wesley (2004)
L. Gong, G. Ellison, M. Dageforde: Inside Java 2 Platform Security, 2nd edition, Addison-Wesley (2003)
B. LaMacchia, S. Lange, M. Lyons, R. Martin, K. T. Price: .NET Framework Security, Addison-Wesley Professional (2002)
D. Gollmann: Computer Security, 3rd edition (2011)

(H 0.07)

Tue. 13:15 - 14:45 (weekly) - Lecture Software Security (H 0.07)

Term: Winter semester 19/20

Requirements: Familiarity with C/C++, web programming

Performance Record: Written exam

Stud.IP: Lecture: Software Security