Title :
Learning security through insecurity
Author :
Sonntag, Michael
Author_Institution :
Inst. for Inf. Process. & Microprocessor Technol., Johannes Kepler Univ., Linz, Austria
Abstract :
Web programming courses typically contain the “how to implement functionality” of developing web applications, and writing a simple one is not very difficult. But this leads to lots of security problems, as therefore such applications are commonly very insecure, which is not only a problem for the site itself but also for others, e.g. visitors (distributing malware) or third parties (using the servers as source/amplification for attacks). Because of this it is very important to additionally learn how to implement web applications in a secure way. This paper presents a system to support such learning, based on an individual and autonomous approach. It consists of a webserver with numerous simple applications, each exemplifying a single specific class of security problems together with explanatory material for discovering such a problem and how to prevent it.
Keywords :
Internet; computer aided instruction; computer science education; educational courses; security of data; Web applications; Web programming courses; insecurity; security problems; webserver; Java; Programming; Security; Testing; Web servers; individual and autonomous learning; security; user experimentation; web applications;
Conference_Titel :
e-Learning and e-Technologies in Education (ICEEE), 2013 Second International Conference on
Conference_Location :
Lodz
Print_ISBN :
978-1-4673-5093-8
DOI :
10.1109/ICeLeTE.2013.6644363
