Web Trust and Security Project

From WebScience

Jump to: navigation, search


Fact Box
Module Web Trust and Security
Course
representatives
Hans Ludwig Stahl
Credits 6
Term Term 2
Course is required
Current course page Winter 2014
Active Yes


Contents

The Big Idea

Within the domain of Web Science in general but also in the context of Web Trust and Security in particular, the initiation, definition, development, planning, executing, and evaluation of projects are essential for the professional work. In many well-established areas of software development, models as the waterfall model or the V-model stand for the classical (sometimes outdated) approach. In contrast to this the projects in the context of Web Trust and Security are typically characterized by an iterative and more agile approach, like implemented by scrum, and take multiple perspectives into account.

Based on this kind of approach to performing projects special aspects of the other courses of this module will be deepened. The project work is being done in groups, each group working on different topics and consisting of presumably two to five students, depending on the number of participants. Due to the setup of the master programme, the students work from their habitations. As a consequence the work should be organized based on web tools.

The project focus is to exemplarily use special methods of investigation to find out more about some given web resources striving for information about trust.

Intended Learning Outcomes

As a result of the course, participating students will become acquainted with the development of web projects with the focus on web trust and security. Especially they should be able to …

  • have a deeper understanding of web trust and security
  • define goals, identify threats and select appropriate methods to achieve the goals
  • exercise appropriate methods to assure web security
  • apply suitable methods to assess web trust

Structure of the Course

In the first phase, the students are asked to identify areas, topics and perspectives to deal as the focus of their project with respect to Web Trust and Security. Input is provided by the lecturers in terms of proposals. As an additional preparation the literature given as references should be read. As a result of this phase groups of two to five students are formed based on interest in the domain of the projects. The groups then develop an exposé and define two or three perspectives that they want to concentrate on. Background material for diverse aspects of project management can be found in the references [1], [2], [3], [4], [5], [6] and [7].

In the second phase, a concept for the project is developed. The perspectives of Web Trust and Security are identified and lectures from the perspectives are asked to commit as reviewers during the project. In addition, for every project group, another project group is selected and confirmed for peer review. The phase concludes with the students, the reviewers, and the course lecturer to the project.

The subsequent performance of the projects depends on the individual project plans. At least two milestones in each project will be used for the review of the project status, risks, and direction.

The projects are finalized by the submission of the project documentation, a project presentation and an expert talk.

Didactic Concept, Schedule and Assignments

The course concept contains online workshops, online discussions, milestone meetings and audits. In addition there is an introductory and final on site presence. Online meetings are held on one evening per week during the project.

Introductory lesson on site

After a short repetition of the relevant course details specific projects concerning current topics in web trust and security will be presented. As a result of this introductory workshop the students will form groups and subsequently choose a project and herewith a relevant perspective.

As an additional preparation for the introductory lesson the references given should be read.

Online session for the commitment on the project concepts

The online sessions are covered by the students who present their concepts for the project. The specific project perspectives are identified and evaluation criteria are to be developed. For every project group, another project group is selected and confirmed for peer review. Furthermore the lecturer from the specific perspective is asked to commit as a reviewer during the project. So the phase concludes with the students, the reviewers and the course lecturer to the project.

Online milestone meetings

The subsequent performance of the projects depends on the individual project plans. Each group will have to define two milestones, where online status meetings are being held with the relevant course lecturer. The students report their progress related to the milestone definition.

Online audits

Online audits are being held as plenary sessions. The audits have the focus on reporting the project status. The audits also serve as a communication platform among the different student projects. By discussing the status of other projects the students learn from each other.

Wrap-up session on site

The projects are finalized by the on-site meeting, where the project groups present their work and discuss it with the course lecturer and the perspective lecturers. The session is performed as a plenary session and it is the purpose to motivate all participants to contribute also their views to the projects.

Examination

Rating of the work performed

The project plan (concept and schedule) and its further development, the presentation document, the presentation during the wrap-up session on site, the contribution via peer review and the participation in the discussion serve as the base for the grade.

Criteria for grading

  • Not only has the "speaker" of each group but also every member of the group to contribute to the presentation of the groups concept, the schedule and the various discussions.
  • Since the project is to be performed by groups, each member of the group has to make a substantial contribution to the presentation, to be reflected in a speaking time of at least 10 minutes. Each member of the project team should spend nearly the same amount of time than the others during the presentation.
  • The overall quality of a presentation should withstand professional standards.
  • The peer reviews should be well-founded, well-structured and concrete in an appropriate way.

References


[1] ANDREWS, Mike, WITTHAKER, James A.: How to Break Web Software: Functional and Security Testing of Web Applications and Web Services. Addison-Wesley Longman, Amsterdam 2006

[2] BROGAN, Chris; SMITH, Julien: Trust Agents – Using the Web to build Influence, improve Reputation, and earn Trust. John Wiley & Sons Inc., Hoboken, New Jersey 2010

[3] HADNAGY, Christopher: The Art of Human Hacking. Wiley Publishing Inc., Crosspoint Boulevard, Indianapolis 2011

[4] MICROSOFT CORPORATION: When to trust a website. http://windows.microsoft.com/en-us/windows-vista/When-to-trust-a-website (Retrieved 30/05/2012)

[5] O’HARA, Kieron; HALL, Wendy: Web Science. http://eprints.soton.ac.uk/273097/1/ohara-hall-web-science.pdf (Retrieved 29/03/2012)

[6] SCHNEIER, Bruce: Liars and Outliers – Enabling Trust in a Society that needs to thrive. John Wiley & Sons Inc., Crosspoint Boulevard, Indianapolis 2012

[7] SCHNEIER, Bruce: Secrets & Lies – Digital Security in a Networked World. Wiley Publishing Inc., Indianapolis, Indiana 2004


Past Course Pages