units

FIT3056

Faculty of Information Technology

Undergraduate - Unit

This unit entry is for students who completed this unit in 2013 only. For students planning to study the unit, please refer to the unit indexes in the the current edition of the Handbook. If you have any queries contact the managing faculty for your course or area of study.

print version

6 points, SCA Band 2, 0.125 EFTSL

To find units available for enrolment in the current year, you must make sure you use the indexes and browse unit tool in the current edition of the Handbook.

LevelUndergraduate
FacultyFaculty of Information Technology
OfferedNot offered in 2013

Synopsis

Students are introduced to some of the most common security issues involved in the development of software, including secure coding practices, secure database access, secure data communications, security of web applications, use of encryption techniques and security testing. Students are provided with a range of practical exercises to reinforce their skills, including authenticating and authorising users programmatically, user input validation, developing secure web, mobile/wireless and database applications, encrypting and hashing data programmatically, generating digital signatures programmatically, security testing, designing logging and auditing mechanisms.

Outcomes

At the completion of this unit students will have -

A knowledge and understanding of:

  • some of the main security concepts and issues involved in the development of software, including: Software security versus other aspects of computer security; goals of secure and trusted software; vulnerabilities versus threats; best software development principles and practices; buffer overflows; security of programming platforms; authentication and authorisation; principle of least privilege; security features are not equal to secure features; secure use of encryption; user input validation; reliable software components; data privacy; auditing and logging; security testing;
  • the importance of developing secure software in today's electronic world.

Developed the skills to:

  • design applications with security in mind;
  • validate user input;
  • implement secure authentication mechanisms;
  • authorise users access to various protected resources;
  • encrypt files and hash passwords;
  • store session data securely in web applications;
  • perform secure database access;
  • set up secure transfer of data;
  • create security logs;
  • test software for security vulnerabilities.

Assessment

Examination (3 hours): 60%; In-semester assessment: 40%

Chief examiner(s)

Contact hours

2 hrs lectures/wk, 2 hrs laboratories/wk

This unit applies to the following area(s) of study

Prerequisites

One of FIT1040 or FIT1002 and one of FIT1019 or FIT2078

Additional information on this unit is available from the faculty at: