Back close

Course Detail

Course Name Database and Web Application Security
Course Code 18SN715
Program M. Tech. in Cyber Security Systems & Networks
Credits Amritapuri
Year Taught 2018

Syllabus

Course Syllabus

Database security – Introduction includes threats, vulnerabilities and breaches,Basics of database design,DB security – concepts, approaches and challenges, types of access controls, Oracle VPD,Discretionary and Mandatory access control – Principles, applications and poly-instantiation, Database inference problem, types of inference attacks, distributed database, security levels, SQL-injection: types and advanced concepts.Security in relational data model, concurrency controls and locking,SQL extensions to security (oracle as an example), System R concepts, Context and control based access control,Hippocratic databases, Database watermarking,Databaseintrusion,Secure data outsourcing, Web application security, Basic principles and concepts, Authentication, Authorization, Browser security principles; XSS and CSRF, same origin policies, File security principles, Secure development and deployment methodologies,Web DB principles, OWASP – Top 10 – Detailed treatment,IoT security – OWASP Top 10 – Detailed treatment,Mobile device security – Introduction, attack vector and models, hardware centric security aspects, SMS / MMS vulnerabilities, software centric security aspects, mobile web browser security,Application security – Concepts, CIA Triad, Hexad, types of cyber attacks,Introduction to software development vulnerabilities, code analyzers – Static and dynamic analyzers,Security testing / Penetration testing – Principles and concepts, PT work flows and examples, blind tests, ethical hacking techniques, synthetic transactions, interface testing and fuzzing,SDLC phases and security mandates.

Text Books / References

  1. Michael Gertz and SushilJajodia, “Handbook of Database Security— Applications andTrends”, Springer, 2008.
  2. Bryan and Vincent, “Web Application Security, A Beginners Guide ”,McGraw-Hill, 2011
  3. BhavaniThuraisingham, “Database and Applications Security”, Integrating Information Security and Data Management, Auerbach Publications, 2005.
  4. Alfred Basta, Melissa Zgola, “Database Security”, Course Technology, 2012.

Resources

“Database and Web Application Security” is an elective course offered in M. Tech. in Cyber Security Systems & Networks program at School of Engineering, Amrita Vishwa Vidyapeetham, Amritapuri.

DISCLAIMER: The appearance of external links on this web site does not constitute endorsement by the School of Biotechnology/Amrita Vishwa Vidyapeetham or the information, products or services contained therein. For other than authorized activities, the Amrita Vishwa Vidyapeetham does not exercise any editorial control over the information you may find at these locations. These links are provided consistent with the stated purpose of this web site.

Admissions Apply Now