
Course Description

Course Code Semester Theory+Practice Hours Credits ECTS
SECURE SOFTWARE DEVELOPMENT SG 508 0 3 + 0 3 6
Prerequisite Courses
Recommended Elective Courses
Course Language Turkish
Course Level Master's
Course Type ELECTIVE
Course Coordinator Prof. Dr. CELAL ÇEKEN
Instructors
Course Assistants
Course Category
Course Objective
The objective of this course is to introduce students to the secure software development life cycle and web application security topics.
Course Content
Software Security, Software Development Life Cycle, Web Based Application Architecture (Synchronous and Asynchronous Communication, Session Management ...), Secure Software Development Life Cycle (Threat Modeling and Risk Management, Static Code Analysis, Dynamic Code Analysis), Web Application Security, OWASP TOP 10 list, Securing Web Applications, Penetration Tests for Web Applications
Course Learning Outcomes Teaching Methods Assessment Methods
1 - Introduces Secure Software Development Life Cycle 1 - 2 - 3 - A - C -
2 - Introduces Web Based Attacks 1 - 2 - 3 - 6 - 12 - A - C - D -
3 - Learns How to Build Secure Web Applications 1 - 2 - 3 - 6 - 12 - A - C - D -
4 - Grasps Threat Modeling 1 - 2 - 3 - A - C -
Teaching Methods: 1:Lecture 2:Question-Answer 3:Discussion 6:Motivations to Show 12:Case Study
Assessment Methods: A:Testing C:Homework D:Project / Design

Course Schedule

Week Topics Preparation
1 Introduction, Software Security
2 Software Development Life Cycle
3 Web Based Application Architecture (Synchronous and Asynchronous Communication, Session Management, Web Services ...)
4 Building Insecure Web Application
5 Secure Software Development Life Cycle
6 Threat Modeling and Risk Management, Static Code Analysis
7 Web Application Security, OWASP TOP 10 List
8 Midterm Exam
9 Web Application Security, OWASP TOP 10 List
10 Web Application Security, OWASP TOP 10 List
11 Securing Web Applications
12 Penetration Tests for Web Applications
13 Project Presentation
14 Project Presentation

Resources

Course Notes Lecture Notes
Course Resources 1. OWASP, https://www.owasp.org/index.php/Main_Page
2. Software Security: Building Security In by Gary McGraw. Addison-Wesley, ISBN 978-321-35670-3
3. 24 Deadly Sins of Software Security, ISBN: 978-0-07-162675-0 , by Howard, LeBlanc, and Viega
4. The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities, 978-0-321-4442-4, by Dowd, McDonald, and Schuh
5. www.w3schools.com
6. Ed Lecky-Thompson, Heow Eide-Goodman, Steven D. Nowicki and Alec Cove, Professional PHP5, John Wiley & Sons, 2005

Document Sharing


Contribution of the Course to Program Outcomes

No Program Learning Outcomes Contribution Level
1 2 3 4 5
1 ability to access wide and deep information with scientific researches in the field of Engineering, evaluate, interpret and implement the knowledge gained in his/her field of study X
2 ability to complete and implement “limited or incomplete data” by using the scientific methods. X
3 ability to consolidate engineering problems, develop proper method(s) to solve and apply the innovative solutions to them X
4 ability to develop new and original ideas and method(s), to develop new innovative solutions at design of system, component or process X
5 gain comprehensive information on modern techniques, methods and their borders which are being applied to engineering X
6 ability to design and apply analytical, modelling and experimental based research, analyze and interpret the faced complex issues during the design and apply process X
7 gain high level ability to define the required information and data X
8 ability to work in multi-disciplinary teams and to take responsibility to define approaches for complex situations
9 systematic and clear verbal or written transfer of the process and results of studies at national and international environments X
10 aware of social, scientific and ethical values guarding adequacy at all professional activities and at the stage of data collection, interpretation and announcement X
11 aware of new and developing application of profession and ability to analyze and study on those applications X
12 ability to interpret the social and environmental dimensions of engineering applications and their compliance with the social environment X

Assessment System

IN-SEMESTER WORK NUMBER CONTRIBUTION PERCENTAGE
Midterm Exam 1 45
Homework 1 10
Project / Design 1 45
Total 100
Contribution of In-Semester Work to Overall Grade 75
Contribution of Final Exam to Overall Grade 25
Total 100

ECTS - Workload
