Turvalise programmeerimise meetodid 2017/18 kevad

Secure Programming Techniques

• Code: MTAT.07.015 (3 EAP)
• Lectures: Fri 12.15-14.00 Tartu, Liivi 2 - 202
• Lecturer: Meelis Roos
• Exams: 01.06.2018 12-14 L2-202 (last lecture time and place) (questions) and 08.06.2018 12-14 L2-206 (questions)
• Re-examination for failed students: 21.06.2018 12-14 L2-404 (please register in ÕIS!)
• Grading: 80% written exam with Internet access, 20% homeworks (4 total) + bonus homework 10%
• Results: in Google Docs
• Last year exam questions as an example: 2017-1, 2017-2
• Questions: mroos at ut dot ee

Literature and links:

• OWASP (Open Web Application Security Project) documents
• Secure Programming for Linux and Unix HOWTO
• Secure coding: principles and practices, Mark Graff, Kenneth R. Van Wyk, O'Reilly 2003
• Secure Programming with Static Analysis, Brian Chess, Jacob West, Addison-Wesley Professional, 2007
• The Tangled Web: A Guide to Securing Modern Web Applications
• AJAX and Mashup Security
• Introductory Intel x86: Architecture, Assembly, Applications (Youtube playlist with videos for those interested in assembly language)