Pre-requisites: II.2301 Security
Organization: Lectures/conferences (12h), Labs (12h)
Assessment:
Examination, Labs

Overview

This module follows the Security II.2301. It focuses on issues related to IT security, specifically on the security of information systems and applications.

Attacks on information systems aim to read, modify, or destroy potentially sensitive information, which may involve simple operational difficulties, the theft of personal data, or inability to perform certain essential tasks. But the protection of structures is not sufficient, indeed much attacks target applications directly.

Learning Objectives

Skills

The purpose of this module is to give students the keys to design an application or an information system which is safe and secure. Students will be able to analyze an existing system to identify major issues and safety system failures, and propose solutions.

Knowledge

Concepts

  • Data security
  • Secure Programming
  • Main application vulnerabilities (Cross scripting (XSS), SQL injection, ...)
  • Risks associated with new technologies: smartphones, cloud ...

Know-How

  • To design and develop secure web application
  • To ensure the security of a database
  • To analyze an information system to identify security vulnerabilities
  • To manage access and identity management rights