Projekt
Web Shop Under Attack
The course includes one project assignment. This is a programming project in which you will create a small but essentially fully functional web shop. You will secure your web shop against some common web threats, and you will demonstrate how some of these attacks work and how to mitigate them.
The project must be completed in groups of 3-4 people. Paul has assigned you to a project group according the grouping list found here.
Your group will produce and hand in three deliverables:
- Source code for your web shop (code and configuration files)
- A written report
- Material for oral presentation
The project groups will be divided into small clusters of 3 (or 2) project groups, and you will make an oral presentation in English for Paul and the groups in your cluster.
You will both provide and receive feedback on written and oral presentations, as specified in the detailed project instructions below.
Project documents
Detailed project instructions: here
Functionality review form: here
Contribution statement form: here
Deadlines
2016-09-09 at 10.59, contact you group manager. (non-managers)
2016-09-09 at 23.59, confirm group member participation. (group managers)
2016-09-14 at 23.59, book presentation time (time slots listed below). (cluster manager)
2016-10-04 at 23.59, mail your report to your reviewers, cc Paul. (group manager)
2016-10-06 at 23.59, mail your reviews to your peers, cc Paul. (group manager)
2016-10-11 at 23.59, functionality reviews completed. (no separate action required)
2016-10-12 at 23.59, mail your code, configuration files (both web server and PHP) and report bundle to Paul. (group manager)
Day before scheduled presentation at 23.59, mail presentation slides (pdf) to Paul. (group manager)
Grouping
See separate grouping menu for project group and cluster definitions.
Functionality reviews
Functionality reviews are performed by the project groups pairwise, according to the detailed project description and the functionality review form. Functionality reviewing does not require any teacher supervision - the groups can organize for a code review session when this is suitable for all group members. However, if you would prefer to have a teacher present during your functionality review, please use the following pre-booked times and locations for your review session. Paul will be present for support, if so desired. Multiple and parallel sessions are expected.
2016-10-10, Mon, 9.00 - 10.30, E:3139
2016-10-11, Tue, 9.00 - 10.00, E:3139
Office hours
Paul is available at his office in E:3120d for IRL consultation on most Tuesdays and Thursdays 13.15 - 15.00. If office hours coincide with an exercise session, Paul will be at the exercise session.
Please respect these office hours!
At other hours, you may use Paul's 24/7 mailing service. That is, you can email your question to Paul at any time, and Paul will answer as soon as it is conveniently possible to do so.
Available presentation slots (room E:2517):
If you need only the presentation slides that you handed in (pdf format), Paul will bring those.
You may then use Paul's computer for your presentation, if you wish to.
If you want to use anything other than a pdf presentation, bring your own computer.
There is a projector in E:2517 with HDMI and VGA connectors.
2016-10-19, Wed, 9.00 - 10.00
2016-10-19, Wed, 10.00 - 11.00
2016-10-19, Wed, 11.00 - 12.00
2016-10-19, Wed, 13.00 - 14.00
2016-10-19, Wed, 14.00 - 15.00
2016-10-19, Wed, 15.00 - 16.00
2016-10-19, Wed, 16.00 - 17.00
2016-10-20, Thu, 13.00 - 14.00
2016-10-20, Thu, 14.00 - 15.00
2016-10-20, Thu, 15.00 - 16.00
2016-10-20, Thu, 16.00 - 17.00
Booked presentation slots (cluster-sorted):
Note: No academic quarter!
Red cluster (groups 1 - 3), 2016-10-19, Wed, 10.00 - 11.00
Orange cluster (groups 4 - 6), 2016-10-19, Wed, 15.00 - 16.00
Yellow cluster (groups 7 - 9), 2016-10-20, Thu, 13.00 - 14.00
Green cluster (groups 10 - 12), 2016-10-19, Wed, 9.00 - 10.00
Blue cluster (groups 13 - 15), 2016-10-19, Wed, 13.00 - 14.00
Purple cluster (groups 16 - 18), 2016-10-20, Thu, 14.00 - 15.00
Pink cluster (groups 19 - 21), 2016-10-19, Wed, 14.00 - 15.00
Booked presentation slots (time-sorted):
Note: No academic quarter!
2016-10-19, Wed, 9.00 - 10.00, Green cluster (groups 10 - 12)
2016-10-19, Wed, 10.00 - 11.00, Red cluster (groups 1 - 3)
2016-10-19, Wed, 13.00 - 14.00, Blue cluster (groups 13 - 15)
2016-10-19, Wed, 14.00 - 15.00, Pink cluster (groups 19 - 21)
2016-10-19, Wed, 15.00 - 16.00, Orange cluster (groups 4 - 6)
2016-10-20, Thu, 13.00 - 14.00, Yellow cluster (groups 7 - 9)
2016-10-20, Thu, 14.00 - 15.00, Purple cluster (groups 16 - 18)