Abstract
Current and future Information Systems (IS) personnel and management need to understand SQL Injection, cross-site scripting (XSS), and other web-originating information security vulnerabilities. These can have severe negative impacts, and minimizing these threats is an important consideration for application developers. There are many resources on the Internet and in books to help educate people about these and similar intrusions. The Open Web Application Security Project (OWASP) includes a robust amount of information on this subject and is an excellent starting point in the creation of lecture, demonstration, and student practice on the subject. Using OWASP resources and active software examples is an effective and efficient method to teach IS students on potential security breaches and their prevention.
Recommended Citation
Cole, Carey and Mitri, Michel, "Teaching Secure Programming to Information Systems Students via OWASP Techniques and Libraries" (2012). AMCIS 2012 Proceedings. 20.
https://aisel.aisnet.org/amcis2012/proceedings/ISEducation/20
Teaching Secure Programming to Information Systems Students via OWASP Techniques and Libraries
Current and future Information Systems (IS) personnel and management need to understand SQL Injection, cross-site scripting (XSS), and other web-originating information security vulnerabilities. These can have severe negative impacts, and minimizing these threats is an important consideration for application developers. There are many resources on the Internet and in books to help educate people about these and similar intrusions. The Open Web Application Security Project (OWASP) includes a robust amount of information on this subject and is an excellent starting point in the creation of lecture, demonstration, and student practice on the subject. Using OWASP resources and active software examples is an effective and efficient method to teach IS students on potential security breaches and their prevention.