Mobile and Web Application Security

1.

Subject title

Mobile and Web Application Security

Безбедност на мобилни и веб апликации

2.

Code

m23_w_053

3.

Study program

Data science in computer science and engineering, Bioinformatics, Cloud Computing, IT management, Education with ICT, Eco-informatics, Intelligent Systems, Internet Technologies and cyber security, Computer Science, Statistics and Data Analytics, Software for embedded systems, Software Engineering, Cloud Computing, IT management, Bioinformatics, Security, Cryptography and Coding, Statistics and Data Analytics, Software Engineering, Security, Cryptography and Coding

4.

Organizer of the study program (unit, institute, department, division)

Faculty of Information Sciences and Computer Engineering

5.

Study cycle (first, second, third)

Second cycle

6.

Academic year / semester

5 / Winter

7. Number of ECTS credits

6.0

8.

Instructor

Assoc. Prof. Dr. Riste Stojanov (Ристе Стојанов)

9.

Prerequisites for enrollment

10.

Subject goals and competencies:


The subject introduces students to possible threats and attacks on web and mobile applications and to ways of detecting them. It gives a detailed review of approaches to achieving greater security in mobile and web applications: web server security, use of the security of mobile operating systems, implementation of application protection mechanisms, AJAX security, and web service protection. Upon completion of the course, the student is expected to be able to configure web server protection, design a security solution for mobile applications, and implement appropriate techniques for protecting mobile and web applications. Students will be able to analyze and determine the weaknesses of existing mobile and web applications, and to propose solutions to overcome them.

11.

Subject content:


- Modeling web security
- Modeling the security of mobile applications
- Configuration of HTTP security
- Detection of unauthorized content modification
- Protecting the interaction between applications and databases
- Session authentication management
- Performing input validation
- Protecting web services
- Scanning applications for weaknesses
- Security model of mobile operating systems

12.

Learning methods:


Lectures, projects, discussions, workshops

13.

Total available time fund

6.0 ECTS x 30 hours = 180 hours

14.

Time distribution

60 + + 45 + 45 + 30 = 180 hours

15.

Forms of teaching activities

15.1.

Lectures - theoretical teaching

60 hours

15.2.

Exercises (laboratory, classroom), seminars, team work

hours

16.

Other forms of activities

16.1.

Project tasks

45 hours

16.2.

Independent tasks

45 hours

16.3.

Homework

30 hours

17.

Grading method

17.1.

Tests

0 points

17.2.

Seminar work / project (presentation: written and oral)

45 points

17.3.

Activities and learning

20 points

17.4.

Final exam

0 points

18.

Grading criteria (points / grade)

up to 50 points

5 (five) (F)

from 51 to 60 points

6 (six) (E)

from 61 to 70 points

7 (seven) (D)

from 71 to 80 points

8 (eight) (C)

from 81 to 90 points

9 (nine) (B)

from 91 to 100 points

10 (ten) (A)

19.

Condition for signature and taking final exam

Completed activities 15, 16

20.

Language of instruction

Macedonian and English

21.

Quality assurance method

Internal evaluation mechanism and surveys

22.

Literature

22.1.

Mandatory literature

No.

Author

Title

Publisher

Year

6133

Michal Zalewski

The Tangled Web: A Guide to Securing Modern Web Applications

No Starch Press

2011

6134

Himanshu Dwivedi, Chris Clark, David Thiel

Mobile Application Security

McGraw-Hill Osborne Media

2010

6135

Bryan Sullivan

Web Application Security, A Beginner's Guide

McGraw-Hill Osborne Media

2011

22.2.

Additional literature

No.

Author

Title

Publisher

Year