Principal Instructor : Dr. Aris Cahyadi Risdianto
Co-Principal Instructor : Sristi Lakshmi Sravana Kumar
This module is one of the two modules where students get to practice information security concepts learned in the classroom with more hands-on experience. Students work in a group to learn, discuss, develop, analyze, and fix the security of applications. This module is aligned with an emerging paradigm of DevSecOps.
This module is trying to help students in applying information security concepts in the software development process. Students are expected to discuss and analyze an application development along with the security concepts related to the deployment of the application. Then, students work in a group to develop the application and fix the security threats/holes of that application. Project activities include proposing and discussing (i.e., pitching) ideas for application development and security solution, developing/testing basic applications, and analyzing/fixing the security vulnerability of the application using open-source tools.
After completing this module, students should gain confidence and experience in participating and contributing to a team in developing an application and analyzing the security vulnerability of that application. They should also have better knowledge and deeper experience in applying various information security concepts and practices in a real-world scenario and environment.
Project and Assignment – 100
Week | Tasks | Assignment |
---|---|---|
Week 1-2 | Topic and group member selection | None |
Week 3-4 | Planning and task definition/assignment | Project Design Documentation Feature-to-Issue |
Week 5-7 | Development phase and demo | Testing Plan Project Development Progress |
Week 8-10 | Security Testing and Analysis | Code Security Review Project Security Assessment Security-to-Issue |
Week 11-14 | Fixing the security issue and Final report | Final Demo and Presentation |
Final Grade = (60% x Grading 1) + (40% x Grading 2)
- It is taken based on the mid-term survey
- It is used "modified" version of Net Promoter Score (NPS)
NOTE : All Assignment will be given "pass" result, so it will not affect the final grading
- It is taken based on the final-term survey using Luminus system
- It will be done during final presentation and demonstration on April 22nd 2021
- Every member of the group will give mark for other groups
- CTF Platform with centralized/federated authentication (Team-A)
- Streaming Bot to Generate Video Streaming Activity (Team-B)
- Web Server to Provide Web-based Virtual Desktop (Team-C)
- Email Bot to Generate Email-related Activity (Team-D)
Name | Github Username |
---|---|
Clinton Chen Chong Yuan | E0260261 |
Eunice Kwang Ya Ting | Eunicekwang |
Ng Song Wen, Marcus | marcus-ng-nus |
Sng Tee Kiat Remus | e0260229 |
Name | Github Username |
---|---|
Jon Koo Yun Heng | jkooyh08 |
Ho Jun Rong | StenleyHJR |
Yap Choon Hock | derrickyap |
Koh Kok Suan | kohks |
Name | Github Username |
---|---|
Xu Chongjian | e0260253 |
Liu Juntong | Juntong31 |
Tan Guan Hao | Casopher |
Ernest Voon Chin Siang | ernestvoon |
Name | Github Username |
---|---|
Desmond Yew Wen Yang | e0260237 |
Png Chengxiang | superdupercat3 |
Tanujah Swaminathan | tanujah |