Website security is essential for successful e-commerce ventures, but the vital “how-to” components of security are often lacking in academic courses. This paper describes our attempt to instill an awareness of security concerns and techniques by having the students develop an Artist eXchange website, a social networking site that permits the posting and sharing of pictures, music, and text, including an end-user rating system. The six-homework set progresses through HTML, JavaScript, PHP, MySQL, file uploads, and security testing. An innovative feature is that each assignment is evaluated via automated testing, which guides the student toward detecting and correcting mistakes, especially with regard to common attack vectors. Categories and Subject Descriptors K.3.2 [Computers and Education]: Computer and Information Science Education—Computer science education, Curriculum General Terms Design, Security Keywords Electronic commerce, software laboratory, virtual labs, handson pr...
Joel Coffman, Alfred C. Weaver