Jump to content

Help me with my Advanced Secure Programming Module please


Recommended Posts

Posted

I just received a project from my Advanced Secure Programming module and I need help on just starting really. Here is the description:

The project requires the implementation of a secure application (of student’s choice) in any programming language. The application should cover at least 4 out of the seven pernicious kingdoms.

(https://cwe.mitre.org/documents/sources/SevenPerniciousKingdoms.pdf):

       Input validation and representation (mandatory) 

       API abuse 

       Security features 

       Time and state 

       Errors (mandatory) 

       Code quality  

       Encapsulation  

 

I just need an idea on what I could do really, if anyone can provide any examples or places I could learn certain things I would really appreciate it, as I'm not the best at coding.

All help appreciated!

Posted

I suggest picking the programming language you're most comfortable with and then determining the type of application you want to make.  A simple practical use application will tend to be easier to develop IMO.

For the next part you'll want to imagine an attacker or a user randomly sending inputs; and attempt to defend against all undesirable outcomes that might result.

You might want to for instance allow the user to enter a password as a security feature, but that entered information will then require input validation.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.