Web Security
Section overview
-
Salam, I am Noureddine Amraoui, Ph.D.
I am here to teach you Web Security and assist you all the way through this semester.
The official channel for publishing announcements and resources related to this course is the following Telegram group: https://t.me/+IRGQg8tLNIo4MmE0
You are also welcome to contact me by:
· Telegram: @noureddine_amraoui
· Email: noureddine.amraoui@univ-msila.dz
Objectives
The objective of this course is twofold:
· Through the course lectures, you will understand the technical concepts related to what makes the Web vulnerable and why, how such vulnerabilities can be exploited, and how they can be mitigated.
· Through practical labs and assignments, you will get hands-on experience with web security best practices (such as the HTTPS protocol, Encryption, Hashing, Authentication, Session Management, Access Control, etc.), as well as with how to conduct a penetration test against a web application.
Prerequisites
The students are assumed to have already taken the following courses:
· L2: Web Application Development.
· L3 (ISIL): Advanced Programming for the Web.
· L3 (SI and ISIL): Cyber Security.
· M1 1st Semester (RTIC): Web Technologies.
· M1 2nd Semester (SIGL): Web Technologies.
· M1 2nd Semester (RTIC): IHM of Web Applications.
Content
The content of this course is divided into six chapters as follows:
· Chapter 1 - Web Fundamentals: In this chapter, the students will acquire sufficient background on the web, including how the web works, different web development technologies, the HTTP/S protocol, etc.
· Chapter 2 - Web Vulnerability: In this chapter, the students will
· Chapter 3 - Authentication: In this chapter, the students will
· Chapter 4 - Session Management: In this chapter, the students will
· Chapter 5 - Access Control: In this chapter, the students will
· Chapter 6 - Common Web Vulnerabilities: In this chapter, the students will
Assessment Method
· Average Grade: Lab (50%), Final Exam (50%)
· Lab Mark: 5 Points (Attendance) + 15 Points (Homework).
-
To exploit a web application, you should first know how it is created. That is why we will start our journey in this Web Security course by first understanding and mastering the web fundamentals.
-
In this chapter, the students will gain a background in cyber security. Then, they will understand why the web is vulnerable.
-
In this chapter, the students will understand the technical concepts and mechanisms related to user authentication.
-
In this chapter, the students will understand the technical concepts and mechanisms related to user session management.
-
In this chapter, the students will understand the technical concepts and mechanisms related to authorization and controlling the access to web applications.