L’arte di costruire applicazioni sicure per iOS e Android

Venue: Visconti Palace Hotel

Location: Rome, Italy

Event Date/Time: Nov 14, 2011 End Date/Time: Nov 16, 2011
Report as Spam


This class looks at the unique security problems faced by application developers writing code for today’s mobile platforms. In this first class of the smart phone series, we take a close look at both Apples iOS platform as well as Google’s Android Platform. Together, iOS and Android are the market leaders in the mobile application world. The class presents a clear and practical view of the problems, how they can be attacked, as well as remediation steps against the various attacks. It is heavily hands-on driven to not just describe but demonstrate both the problems and the solutions available.
This class begins its first day with an in-depth look at the security problems faced by today's software developer, as well as a detailed description of relevant the Open Web Application Security Project’s (OWASP) Top 10 of 2010 security defects. These defects are studied in instructor-lead sessions as well as in hands-on lab exercises in which each student learns how to actually exploit the defects to “break into” a real Web application and mobile device simulators. (The labs are performed in safe test environments.)
The class then delves into practical development activities that can be performed throughout the design, implementation, and testing of a mobile application on either platform.
The following two days go deep into each of the two platforms. Each day covers the security principles that apply to smart phones, as well as illustrates them through Case Studies and further hands-on exercises. Each platform architecture and application architecture are then covered in detail, with descriptions of security services at the network/platform layer as well as security services available within the applications themselves.
The class then looks at common security mechanisms found within applications, and discusses how to securely implement them in applications.

Main Topics
Preparation phase: Understanding the problem
Security principles for smart phones
Design review using Threat Modeling
Code review
Security testing
Platform architecture
Application architecture
Common security mechanisms
Platform architecture
Application architecture
Common security mechanisms
Getting Started – How to put this into practice


Via Federico Cesi, 37

Additional Information

For further information please do not hesitate to contact us at info@technologytransfer.it or visit our website at www.technologytransfer.eu