DAUIN - GR-10 - Intelligent and Interactive Systems - e-LITE
Building Cybersecurity Competence in Novice Web Developers: A Proposed Support Tool
External reference persons Andrea Atzeni
Thesis type EXPERIMENTAL, RESEARCH
Description In getting proficient with web applications implementation, novice web developers lack experience and knowledge in cybersecurity best practices. What is more, typical web development courses do not commonly address security-related topics. As a result, developers often think of security later in the development process, instead of including it from the beginning. As such, it is crucial to provide web developers (especially, novices) with the necessary tools and support to enhance their cybersecurity skills and address security challenges effectively.
The primary objectives of this thesis proposal are as follows:
* To identify the common cybersecurity challenges faced by novice web developers in building web applications.
* To propose a software support tool that can guide novice web developers during the coding so that they can address these challenges effectively.
* To evaluate the effectiveness of the proposed support tool in enhancing the cybersecurity practices of novice web developers.
To achieve these objectives, the following methodology can be adopted:
* Conduct a literature review to identify the common cybersecurity challenges that novice web developers face and the existing support frameworks available, including documents such as the OWASP Code Review Guide (https://owasp.org/www-project-code-review-guide/).
* Develop a support tool directly integrated into the development environment to assist novice web developers in addressing such security challenges.
* Evaluate the effectiveness of the proposed support framework with novice web developers who have used the system.
If appropriate, the outcome of the work will be released as an open-source project and shared with relevant communities.
Notes Interested students are encouraged to contact the advisors to discuss and agree on the actual thesis work, which can be potentially adapted to specific skills and interests.
Deadline 19/09/2023 PROPONI LA TUA CANDIDATURA