units

FIT3056

Faculty of Information Technology

Monash University

Undergraduate - Unit

This unit entry is for students who completed this unit in 2014 only. For students planning to study the unit, please refer to the unit indexes in the the current edition of the Handbook. If you have any queries contact the managing faculty for your course or area of study.

print version

6 points, SCA Band 2, 0.125 EFTSL

Refer to the specific census and withdrawal dates for the semester(s) in which this unit is offered, or view unit timetables.

LevelUndergraduate
FacultyFaculty of Information Technology
OfferedCaulfield First semester 2014 (Day)

Synopsis

Students are introduced to some of the most common security issues involved in the development of software, including secure coding practices, secure database access, secure data communications, security of web applications, use of encryption techniques and security testing. Students are provided with a range of practical exercises to reinforce their skills, including authenticating and authorising users programmatically, user input validation, developing secure web, mobile/wireless and database applications, encrypting and hashing data programmatically, generating digital signatures programmatically, security testing, designing logging and auditing mechanisms.

Outcomes

At the completion of this unit students will have -

A knowledge and understanding of:

  • some of the main security concepts and issues involved in the development of software, including: Software security versus other aspects of computer security; goals of secure and trusted software; vulnerabilities versus threats; best software development principles and practices; buffer overflows; security of programming platforms; authentication and authorisation; principle of least privilege; security features are not equal to secure features; secure use of encryption; user input validation; reliable software components; data privacy; auditing and logging; security testing;
  • the importance of developing secure software in today's electronic world.

Developed the skills to:

  • design applications with security in mind;
  • validate user input;
  • implement secure authentication mechanisms;
  • authorise users access to various protected resources;
  • encrypt files and hash passwords;
  • store session data securely in web applications;
  • perform secure database access;
  • set up secure transfer of data;
  • create security logs;
  • test software for security vulnerabilities.

Assessment

Examination (3 hours): 60%; In-semester assessment: 40%

Chief examiner(s)

Workload requirements

Minimum total expected workload equals 12 hours per week comprising:

(a.) Contact hours for on-campus students:

  • Two hours of lectures
  • One 2-hour laboratory

(b.) Additional requirements (all students):

  • A minimum of 2 hours of personal study per one hour of contact time in order to satisfy the reading and assignment expectations.

This unit applies to the following area(s) of study

Prerequisites

One of FIT1040 or FIT1002 and one of FIT1019 or FIT2078

Additional information on this unit is available from the faculty at: