htw saar Piktogramm
Back to Main Page

Choose Module Version:


Web Security Project

Module name (EN): Web Security Project
Degree programme: Computer Science and Communication Systems, Bachelor, ASPO 01.10.2017
Module code: KIB-PWS
Hours per semester week / Teaching method: 1V+1PA (2 hours per week)
ECTS credits: 3
Semester: 6
Mandatory course: no
Language of instruction:
Project, presentation, documentation

[updated 12.04.2018]
Applicability / Curricular relevance:
KI614 Computer Science and Communication Systems, Bachelor, ASPO 01.10.2014, semester 6, optional course, technical
KIB-PWS Computer Science and Communication Systems, Bachelor, ASPO 01.10.2017, semester 6, optional course, technical
PIBWI62 Applied Informatics, Bachelor, ASPO 01.10.2011, semester 6, optional course, informatics specific
PIB-PWS Applied Informatics, Bachelor, ASPO 01.10.2017, semester 4, optional course, informatics specific
30 class hours (= 22.5 clock hours) over a 15-week period.
The total student study time is 90 hours (equivalent to 3 ECTS credits).
There are therefore 67.5 hours available for class preparation and follow-up work and exam preparation.
Recommended prerequisites (modules):
Recommended as prerequisite for:
Module coordinator:
Prof. Dr. Damian Weber
Dipl.-Inform. Dominik Brettnacher

[updated 09.04.2018]
Learning outcomes:
After successfully completing this module, students will have learned about typical security holes in web applications.
They know about the effects of such mistakes and how to avoid them in practice.
- Secure development of web applications, getting to know typical target (attack) areas

[updated 12.04.2018]
Module content:
- Exemplary implementation of a small application that will be developed during the course of the module.
- Technical and economic impact of exploitable vulnerabilities on the Internet.
- Incident response: My server has been hacked: what do I do if it is already too late?

[updated 12.04.2018]
Recommended or required reading:
2011 CWE/SANS Top 25 Most Dangerous Software Errors
Günter Schäfer: Netzsicherheit: Algorithmische Grundlagen und Protokolle,
dpunkt.verlag 2003
Risk Management Guide for Information Technology Systems (NIST SP 800-30),
Telekommunikationsgesetz, § 109
Kryptographische Verfahren: Empfehlungen und Schlüssellängen (BSI
TR-02102-1), 2017
Module website:

[updated 12.04.2018]
[Mon Nov 29 10:10:52 CET 2021, CKEY=kpw, BKEY=ki2, CID=KIB-PWS, LANGUAGE=en, DATE=29.11.2021]