IT & Mobile Security

Secure Mobile Software Development

Integrated course, 4.00 ECTS

 

Course content

Development of basic apps using the functionality of mobile frameworks. Furthermore advanced knowledge of interaction concepts, navigation patterns, touch and guestures as well as sensors and location based services. All aspects are treated with special focus on security.

Learning outcomes

The module provides the principles of secure software, the general aspects of security fundamentals and the ability to develop secure mobile software.

Recommended or required reading and other learning resources / tools

J. Six: Application security for the Android , O'Reilly , 2012
S. Gunasekera, Android apps security, 2012 Gary McGraw, Software Security – Building Security In, Addison-Wesley, 2006
Gary McGraw, Software Security, IEEE Security, 2004
Gary McGraw, Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors, IEEE Security, 2005
Christian Collberg, Jasvir Nagra, Surreptitious Software, Addison Wesley, 2010
William Pugh, David Hovemeyer, J. David Morgenthaler, John Penix, Using Static Analysis to find Bugs, IEEE Software, 2008
Brian Chess, Jacob West, Secure Programming with Static Analysis, Addison-Wesley, 2007
Terence Parr, Language Implementation Patterns, The Pragmatic Bookshelf, 2010
John Viega, Gary McGraw, Building Secure Software, Addison-Wesley, 2002The Shellcoders Handbook, Anley Heasman, Linder, Richarte
Hacking The Art of Exploitation, Erickson
Hacking mit Metasploit, Messnerngen, Singer
Hacking Exposed WEB Applications, Scambray, Liu

Mode of delivery

1 ECTS lecture, 3 ECTS tutorial

Prerequisites and co-requisites

general informatics

Assessment methods and criteria

Lecture: final exam, tutorial: continuous assessment