Software Security Presentation - Dr. E. Benoist - Spring Semester 2011



SLIDE 1

Berner Fachhochschule - Technik und Informatik

Software Security Presentation

  • Dr. E. Benoist

Spring Semester 2011

Software Security Presentation 1

SLIDE 2

Presentation

◮ Emmanuel Benoist

  • email: emmanuel.benoist(at)bfh.ch

◮ PhD at the University of Caen (France)
◮ Professor at the Berner Fachhochschule

  • Teaches Computer Science in Biel since 1999
  • Specialties: Algorithmics, Web Programming and Web Security

◮ Web Security and Privacy protection on the Web

  • Member of the Research Institute on Security in the Information Society (RISIS)

◮ Web Security
◮ Privacy Protection on the Web
◮ e-Health

  • Member of the board: Certified Secure Web - CSW GmbH
  • Member of the OWASP (Open Web Application Security Platform) Swiss Chapter

SLIDE 3

Course: Web and Software Security

◮ Goals of the course

  • The students know the most important dangers for Internet Web sites and their users.
  • The students have an overview of the measures to take for programming safe web sites.
  • They can tell which are the basic principles of Web security.
  • They have applied these principles and can use them in real applications.
  • They know how buffer overflows work

◮ Part of the module 7263

  • Web Security and Selected Security Topics

◮ Contact

  • Emmanuel.Benoist (at) bfh.ch : Web Security
  • Ulrich.Fiedler (at) bfh.ch : Buffer Overflow

SLIDE 4

Control of Knowledge

◮ Pa Module

  • Only one Exam
  • No homework or experience mark

◮ Examination

  • During the examination week
  • Details communicated later

SLIDE 5

Schedule of the course 1

◮ Software Security

  • Presentation of the problem area

◮ Web Security

  • OWASP Top 10 (overview of the main problems)
  • XSS - Cross Site Scripting
  • CSRF - Cross Site Request Forgery
  • SQL Injection
  • Other Injection flaws

◮ Buffer Overflow

  • Taught by Ulrich Fiedler

1 Details are given on http://www.benoist.ch/SoftSec/

SLIDE 6

Information about the Web Security course

◮ Web site of the course: http://www.benoist.ch/SoftSec/

  • Slides
  • Examples
  • Exercises
  • Resources (bibliography and Internet)

SLIDE 7

Bibliography

◮ OWASP Top 10 - 2010

http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project

◮ OWASP Developers Guide

http://www.owasp.org/index.php/Category:OWASP_Guide_Project

◮ Web Security Testing Cookbook, Paco Hope and Ben Walther, O’Reilly

◮ The Web Application Hacker’s Handbook, Dafydd Stuttard and Marcus Pinto, Wiley

◮ How to Break Web Software, Mike Andrews and James A. Whittaker, Addison Wesley

SLIDE 8

Who are you?

◮ Proficiency in Web Programming?
◮ Proficiency in Security?
◮ German speaking / French speaking?

SLIDE 9

Questions?

?
