MSCCYB Secure Programming For Application Development Assessment

Project Description

The project requires the security testing of an application that is provided by the lecturer and to provide a fix to the vulnerabilities identified. Students are required to investigate and critically assess the state of the art in the latest programming paradigms to create security controls that prevent common application security vulnerabilities and to place the programming language used for the application provided in this context. Students are required to present the state of the art in security testing, latest solutions, tools, etc. (references should focus on IEEE/ACM peer reviewed papers, but not only) and to use such solutions.

There are two main deliverables associated with the final submission of the project:

• A technical report 80%
• A video presentation 20%

It will also be a requirement to prepare a presentation and demonstrate the developed application which must be submitted on Moodle also..

PLEASE NOTE THAT IF YOU DO NOT SUBMIT A PRESENTATION AND DEMONSTRATE YOUR APPLICATION, NO OTHER PART OF THE PROJECT WILL BE ASSESSED. YOU WILL BE AWARDED ZERO MARKS.

Technical Report Part One (50 Marks)

The report must clearly identify:

• A critical analysis of the provided application against its adherence to the rules of secure programming as they relate to any four of the following
  1. Security Features
  2. Time & State
  3. Errors
  4. Input Validation & Representation
  5. API Abuse
  6. Code Quality
  7. Encapsulation
  (20 Marks)
• How you tested the application using state of the art security testing techniques and clear examples of errors uncovered in the application security implementation. (10 Marks)
• Performed a manual code review (see table 1) and clearly what was uncovered during this review. (10 Marks)
• Proposed to solve errors found in the application code. (10 Marks)

Report Section Two (30 Marks)

The second part of the report is independent of the provided code and requires you to research a topic. The focus of this topic is on:

1. User: by Investigate and critically assessing the impact of application security vulnerabilities on users of software products. This must include the identification of a well-documented security breech in a commercial application (not a web application) and a clear identification of the impact this had on the applications stakeholders. (15 Marks)
2. Developers: Investigate and critically assess the state of the art in the latest programming paradigms to create security controls that prevent common application security vulnerabilities. This must specifically be focused on the JAVA programming language and must clearly identify what security aspects the language affords developers as standard. (15 Marks)

Presentation (20%)

Clarity of presentation (1 Mark)
Adherence to 10 Minute time limit (1 Mark)
Clear demonstration of all security considerations and preventions in the application (8 Marks)

Are you struggling to keep up with the demands of your academic journey? Don't worry, we've got your back! Exam Question Bank is your trusted partner in achieving academic excellence for all kind of technical and non-technical subjects.

Our comprehensive range of academic services is designed to cater to students at every level. Whether you're a high school student, a college undergraduate, or pursuing advanced studies, we have the expertise and resources to support you.

To connect with expert and ask your query click here Exam Question Bank