IT & Mobile Security

Secure Service Oriented Architectures

Integrated course, 5.00 ECTS

 

Course content

Enterprise applications consist typically of different services manufactures in different programming languages, which operate on different platforms. Service oriented architectures and microservices are attempts to realize such huge heterogenous distributed systems.

In this lecture, the following security relevant topics of web services are introduced
- Web Service Architecture & Risk Analysis
- Access Control
Authentication
Authorization
- XML Attacks & Schema Validation
- Message Encryption
Published Identifiers
Digital Signatures
Encrypting Representations

Learning outcomes

This modul provides detailed knowledge of the design of secure service oriented architectures.

Recommended or required reading and other learning resources / tools

Books:
Sam Newman, Building Microservices, O’REILLY, 2015
Robert Daigneau, Service Design Patterns, Addison Wesley, 2012
Prabath Siriwardena, Advanced API Security, Apress, 2014
Renè Enriquez, Andrè Salazar C., RESTful Java Web Services Security, PACKT Publishing, 2014

Mode of delivery

2 ECTS lecture, 3 ECTS tutorial

Prerequisites and co-requisites

module ASC 2

Assessment methods and criteria

Lecture: final exam, tutorial: continuous assessment