PORTALE DELLA DIDATTICA

Ricerca CERCA
  KEYWORD

DAUIN - GR-10 - Intelligent and Interactive Systems - e-LITE

Building Cybersecurity Competence in Novice Web Developers: A Proposed Support Tool

Parole chiave CYBER SECURITY, DEVELOPERS, DEVELOPMENT TOOLS, PROGRAMMING, SECURITY, WEB, WEB APPLICATIONS

Riferimenti LUIGI DE RUSSIS, JUAN PABLO SAENZ MORENO

Riferimenti esterni Andrea Atzeni

Gruppi di ricerca DAUIN - GR-10 - Intelligent and Interactive Systems - e-LITE, DAUIN - GR-15 - SECURITY GROUP - TORSEC

Tipo tesi EXPERIMENTAL, RESEARCH

Descrizione In getting proficient with web applications implementation, novice web developers lack experience and knowledge in cybersecurity best practices. What is more, typical web development courses do not commonly address security-related topics. As a result, developers often think of security later in the development process, instead of including it from the beginning. As such, it is crucial to provide web developers (especially, novices) with the necessary tools and support to enhance their cybersecurity skills and address security challenges effectively.

The primary objectives of this thesis proposal are as follows:
* To identify the common cybersecurity challenges faced by novice web developers in building web applications.
* To propose a software support tool that can guide novice web developers during the coding so that they can address these challenges effectively.
* To evaluate the effectiveness of the proposed support tool in enhancing the cybersecurity practices of novice web developers.

To achieve these objectives, the following methodology can be adopted:
* Conduct a literature review to identify the common cybersecurity challenges that novice web developers face and the existing support frameworks available, including documents such as the OWASP Code Review Guide (https://owasp.org/www-project-code-review-guide/).
* Develop a support tool directly integrated into the development environment to assist novice web developers in addressing such security challenges.
* Evaluate the effectiveness of the proposed support framework with novice web developers who have used the system.

If appropriate, the outcome of the work will be released as an open-source project and shared with relevant communities.

Note  Interested students are encouraged to contact the advisors to discuss and agree on the actual thesis work, which can be potentially adapted to specific skills and interests.


Scadenza validita proposta 19/09/2023      PROPONI LA TUA CANDIDATURA




© Politecnico di Torino
Corso Duca degli Abruzzi, 24 - 10129 Torino, ITALY
Contatti