Module overview
This module will teach the principles of security in web and cloud based systems and how these principles apply in a range of different applications.
Linked modules
Pre-requisites: ELEC1204 OR COMP1202
Aims and Objectives
Learning Outcomes
Knowledge and Understanding
Having successfully completed this module, you will be able to demonstrate knowledge and understanding of:
- The core technical elements of web and cloud based security systems
- The current trends in cyber security; threats, their importance, and why they are hard to face
- Cyber security frameworks, standards and best practices, and how to apply these within an organisation
Subject Specific Intellectual and Research Skills
Having successfully completed this module you will be able to:
- Recognise and discuss examples of cyber security vulnerabilities
- Critically analyse Web and Cloud based systems for security problems
- Critically analyse Web based systems for security problems
Subject Specific Practical Skills
Having successfully completed this module you will be able to:
- Use examples of security penetration testing tools
- Perform a security assessment for an organisation as part of a team
- Secure development of web applications
Transferable and Generic Skills
Having successfully completed this module you will be able to:
- Communicate effectively on a broad range of issues with security professionals
Syllabus
Web based security
- Web applications and systems
- Penetration testing
- OWASP
- Vulnerabilities and exploitation
- Security of database applications
- Injection attacks, cross-site scripting - Server configuration
Cloud based security
- Virtualisation - hypervisor security and data protection
- Cloud services – vulnerabilities and protection
- Secure designs for cloud architecture
- Standards, governance and compliance for cloud based infrastructures
Secure web development :
- client-side and server-side protection
- protecting against injection attacks
- implementing authentication and access control
- techniques for ensuring data privacy
- cross-site scripting
- guarding against third-party component vulnerabilities - building a secure API
Learning and Teaching
Teaching and learning methods
.
Type | Hours |
---|---|
Wider reading or practice | 26 |
Preparation for scheduled sessions | 9 |
Follow-up work | 9 |
Completion of assessment task | 70 |
Lecture | 36 |
Total study time | 150 |
Resources & Reading list
Internet Resources
Assessment
Summative
This is how we’ll formally assess what you have learned in this module.
Method | Percentage contribution |
---|---|
Coursework | 50% |
Coursework | 50% |
Referral
This is how we’ll assess you if you don’t meet the criteria to pass this module.
Method | Percentage contribution |
---|---|
Set Task | 100% |
Repeat
An internal repeat is where you take all of your modules again, including any you passed. An external repeat is where you only re-take the modules you failed.
Method | Percentage contribution |
---|---|
Set Task | 100% |
Repeat Information
Repeat type: Internal & External