Skip to main navigationSkip to main content
The University of Southampton
Courses

COMP3226 Web and Cloud Based Security

Module Overview

This module will teach the principles of security in web and cloud based systems and how these principles apply in a range of different applications.

Aims and Objectives

Learning Outcomes

Knowledge and Understanding

Having successfully completed this module, you will be able to demonstrate knowledge and understanding of:

  • Cyber security frameworks, standards and best practices, and how to apply these within an organisation
  • The core technical elements of web and cloud based security systems
  • The current trends in cyber security; threats, their importance, and why they are hard to face
Subject Specific Intellectual and Research Skills

Having successfully completed this module you will be able to:

  • Recognise and discuss examples of cyber security vulnerabilities
  • Critically analyse Web based systems for security problems
  • Critically analyse Web and Cloud based systems for security problems
Transferable and Generic Skills

Having successfully completed this module you will be able to:

  • Communicate effectively on a broad range of issues with security professionals
Subject Specific Practical Skills

Having successfully completed this module you will be able to:

  • Perform a security assessment for an organisation as part of a team
  • Use examples of security penetration testing tools
  • Secure development of web applications

Syllabus

Web based security - Web applications and systems
 - Penetration testing - OWASP - Vulnerabilities and exploitation - Security of database applications - Injection attacks, cross-site scripting - Server configuration
 
 Cloud based security - Virtualisation - hypervisor security and data protection - Cloud services – vulnerabilities and protection - Secure designs for cloud architecture - Standards, governance and compliance for cloud based infrastructures Secure web development : - client-side and server-side protection - protecting against injection attacks - implementing authentication and access control - techniques for ensuring data privacy - cross-site scripting - guarding against third-party component vulnerabilities - building a secure API

Learning and Teaching

Teaching and learning methods

.

TypeHours
Preparation for scheduled sessions9
Completion of assessment task60
Wider reading or practice26
Lecture36
Revision10
Follow-up work9
Total study time150

Resources & Reading list

Security in Computing.

Assessment

Summative

MethodPercentage contribution
Coursework assignment(s) 20%
Coursework assignment(s) 30%
Examination 50%

Repeat

MethodPercentage contribution
Examination 100%

Referral

MethodPercentage contribution
Examination 100%

Repeat Information

Repeat type: Internal & External

Linked modules

Pre-requisites: ELEC1204 OR COMP1202

Share this module Share this on Facebook Share this on Twitter Share this on Weibo
Privacy Settings