IT & Mobile Security

Secure Web Applications

Tutorial, 4.00 ECTS


Course content

Development of HTML5 web apps for different platforms (Web, Android, iOS). Selected HTML5 APIs are discussed, for example local storage, sensors, GPS for location-based services, and WebSockets for real-time web applications. Furthermore, social media integration will be covered.

Learning outcomes

The graduate has detailed knowledge about the architecture and development of secure software in general and secure mobile applications on different platforms in particular.

Recommended or required reading and other learning resources / tools

Gary McGraw, Software Security – Building Security In, Addison-Wesley, 2006
Gary McGraw, Software Security, IEEE Security, 2004
Gary McGraw, Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors, IEEE Security, 2005
Christian Collberg, Jasvir Nagra, Surreptitious Software, Addison-Wesley, 2010
William Pugh, David Hovemeyer, J. David Morgenthaler, John Penix, Using Static Analysis to Find Bugs, IEEE Software, 2008
Brian Chess, Jacob West, Secure Programming with Static Analysis, Addison-Wesley, 2007
Terence Parr, Language Implementation Patterns, The Pragmatic Bookshelf, 2010
John Viega, Gary McGraw, Building Secure Software, Addison-Wesley, 2002
HTML5 and JavaScript Web Apps (ISBN-13: 978-1449320515)
Effective JavaScript (ISBN-13: 978-0-321-81218-6)
N. Elenkov: Android Security Internals, 2014
J. Drake et al.: Android Hacker's Handbook, 2014
Professional Journals: ACM

Mode of delivery

4 ECTS tutorial

Prerequisites and co-requisites

Module ASC 1

Assessment methods and criteria

Continuous assessment