Some "Secure Programming" Exercises for an Introductory Programming Class

نویسنده

  • Matt Bishop
چکیده

Ideally, computer security should be an integral part of all programming courses. Beginning programming classes pose a particular challenge, because the students are learning basic concepts of programming. Thus, teaching them about buffer overflows as security problems, requiring an explanation of concepts such as ―smashing the stack,‖ will confuse students more than motivate them to check array bounds. Advanced concepts such as race conditions require more background than the students have, or will have, when taking introductory programming classes. An alternate approach is to teach the underlying concepts of robust programming; preventing crashes or errors is central to such a course. This paper presents some exercises that illustrate this approach, and some thoughts on what constitutes ―secure programming‖.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Teaching Introductory Programming to IS Students: The Impact of Teaching Approaches on Learning Performance

Introductory programming courses are typically required for undergraduate students majoring in Information Systems. Instructors use different approaches to teaching this course: some lecturing and assigning programming exercises, others only assigning programming exercises without lectures. This research compares the effects of these two teaching approaches on learning performance by collecting...

متن کامل

Software for E-Assessment of Programming Exercises

This paper discusses the use of computer-based assessment (CBA) tools for e-assessment of programming exercises. Because many elearning tools already exist but provide different features, it is useful to integrate such tools. In particular, a combination of a virtual learning environment and a CBA tool provides many advantages (and also some challenges) as discussed in the paper. The paper repo...

متن کامل

Search, Align, and Repair: Data-Driven Feedback Generation for Introductory Programming Exercises

This paper introduces the “Search, Align, and Repair” datadriven program repair framework to automate feedback generation for introductory programming exercises. Distinct from existing techniques, our goal is to develop an efficient, fully automated, and problem-agnostic technique for large or MOOC-scale introductory programming courses. We leverage the large amount of available student submiss...

متن کامل

Posynomial geometric programming problem subject to max–product fuzzy relation equations

In this article, we study a class of posynomial geometric programming problem (PGPF), with the purpose of minimizing a posynomial subject to fuzzy relational equations with max–product composition. With the help of auxiliary variables, it is converted convert the PGPF into an equivalent programming problem whose objective function is a non-decreasing function with an auxiliary variable. Some pr...

متن کامل

The More You Teach, the Less They Learn: Effects of Teaching Approaches on Learning Performance

Typically, an introductory programming course is a required course for business college undergraduate students majoring in information systems. Different instructors may have different approaches to teaching this course: Some give lectures and assign programming exercises, while others only assign programming exercises without giving lectures. This research deliberately compared the effects of ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2009