Secure Application Development

Program

Monday March 3rd
09:00 - 10:40 Introduction Johan Peeters
11:00 - 12:40 UNIX/C Programming traps and pitfalls Wietse Venema Hands-on web security Lieven Desmet
01:40 - 03:20 UNIX/C Programming traps and pitfalls Wietse Venema Hands-on web security Lieven Desmet
03:40 - 05:20 Secure development lifecycles compared Kenneth R. van Wyk Software interfaces to cryptographic algorithms Frank Piessens
Tuesday March 4th
09:00 - 10:40 Entity authentication Bart Preneel Joys and horrors of aspect-oriented programming Bart De Win
11:00 - 12:40 Access control Frank Piessens Forensic Discovery Wietse Venema
01:40 - 03:20 Data protection and access control in healthcare Bart Van den Bosch Forensic Discovery Wietse Venema
03:40 - 05:20 Security architectures inside the programming language Frank Piessens Public Key Infrastructures fundamentals Bart Preneel
Wednesday March 5th
09:00 - 10:40 Getting a buy-in to a secure development process André Mariën Network protocols Bart Preneel
11:00 - 12:40 Threat modeling Frank Piessens Security testing Kenneth R. van Wyk
01:40 - 03:20 New developments in cryptology Bart Preneel SANS GSSP exam
03:40 - 05:20 Security architectures Riccardo Scandariato SANS GSSP exam
05:20 - 08:00 SANS GSSP exam
Thursday March 6th
09:00 - 10:40 Using cryptography well Bart Preneel Auditability and accountability Kenneth R. van Wyk
11:00 - 12:40 Engineering requirements for high-assurance systems: a goal-oriented approach Axel van Lamsweerde Talking to Senior Management Georges Ataya
01:40 - 03:20 Elaborating security requirements by analysis of malicious anti-modelsAxel van Lamsweerde Integrating security tools into the SDLC Kenneth R. van Wyk
03:40 - 05:20 Planning and tracking security requirements Johan Peeters Privacy George Danezis
Friday March 7th
09:00 - 10:40 Security architectures - a practical exercise André Mariën Exploiting vulnerabilitiesYves Younan
11:00 - 12:40 International standardization of IT securityMarijke De Soete Hands-on security tools Kenneth R. van Wyk
01:40 - 03:20 Anonymous credentials George Danezis Hands-on security tools Kenneth R. van Wyk
03:40 - 05:20Grand finale with, a.o., Wietse Venema, Axel van Lamsweerde and Bart De Win

Legend
security objectives
development process
mechanisms in current technologies
design
coding
quality assurance
Partners:
Solvay Business School K.U. Leuven L-SEC
Sponsors:
ENISA Atos Worldline
Affiliates:
SANS OWASP ISSA-BE ISACA Belux
webmaster Login Creative Commons License
Contents of the secappdev.org web site
is licensed under a
Creative Commons
Attribution-Noncommercial 3.0 License.