Security and computer forensics in web engineering education

Abstract

The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security should be an integral part of a Web Engineering curriculum. One aspect of Computer forensics investigates failures in security. Hence, students should be aware of the issues in forensics and how to respond when security failures occur; collecting evidence is particularly difficult for Web-based applications