Course - Software Security and Data Privacy - TDT4237
TDT4237 - Software Security and Data Privacy
About
Examination arrangement
Examination arrangement: School exam
Grade: Letter grades
| Evaluation | Weighting | Duration | Grade deviation | Examination aids |
|---|---|---|---|---|
| School exam | 100/100 | 4 hours | E |
Course content
The course will go through all the phases in the secure software development lifecycle (requirements, design, implementation, and testing) focusing on how to incorporate security in each phase and what techniques to use. The main focus is on web-based applications and mobile apps. The course will also cover basic knowledge related to data privacy, such as GDPR.
Learning outcome
After having taken this course, students should be able to: 1) Identify and fix typical security vulnerabilities of web applications. 2) Explain typical cryptography concepts and algorithms that are related to web application; 3) Apply the threat modeling methods to analyze web application; 4) Describe and compare software engineering practices and standards related to software security; 5) Apply risk-based testing for development; 6) Explain key authentication and access control concepts and methods; 7) Explain and apply principles of GDPR and data privacy.
Learning methods and activities
Lectures and mandatory exercises.
Compulsory assignments
- Exercises
Further on evaluation
The final written exam counts 100% of the grade. The text for the written final exam will be in English. The candidates may choose to write their answers in either English or Norwegian. If there is a re-sit examination, the examination form may change from written to oral.
Recommended previous knowledge
The students should be familiar with software engineering and web development. For the exercises we will use Python and JavaScript as the programming languages.
Required previous knowledge
Knowledge in Web applications and Python and JavaScript
Course materials
To be announced at the beginning of the semester.
Credit reductions
| Course code | Reduction | From | To |
|---|---|---|---|
| IIKG3000 | 2.5 | AUTUMN 2021 |
Version: 1
Credits:
7.5 SP
Study level: Second degree level
Term no.: 1
Teaching semester: SPRING 2023
Language of instruction: English
Location: Trondheim
- Computer and Information Science
- Communication and Information Science
Department with academic responsibility
Department of Computer Science
Examination
Examination arrangement: School exam
- Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
- Spring ORD School exam 100/100 E 2023-05-15 09:00 INSPERA
-
Room Building Number of candidates SL120 blå sone Sluppenvegen 14 15 SL415 Sluppenvegen 14 53 SL210 Sluppenvegen 14 51 SL111 blå sone Sluppenvegen 14 36 SL111 grønn sone Sluppenvegen 14 14 SL110 turkis sone Sluppenvegen 14 80 SL510 Sluppenvegen 14 14 SL215 Sluppenvegen 14 1 SL238 Sluppenvegen 14 2 SL121 Sluppenvegen 14 1 - Summer UTS School exam 100/100 E INSPERA
-
Room Building Number of candidates
- * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.
For more information regarding registration for examination and examination procedures, see "Innsida - Exams"