Security Learning

Towson University is one of the few colleges in the country that introduces secure coding from the first programming course to ensure that students learn secure and responsible coding. The SPLASH program includes security modules from the Security Injections @ Towson project (www.towson.edu/securityinjections) to introduce secure coding concepts such as :

  • Integer error : Integer errors can happen when assignments, mathematical operations, and external input lead to a result that is too large to fit within the range of values that can be stored in variables of a given data type. These errors can lead to loss of data due to overflow, truncation, or sign problems.
  •  Input validation : Input validation vulnerabilities are caused by failure to verify that input data are within the right value range, contain the right data, or otherwise meet the appropriate specification.
  • Buffer overflow : Buffer overflow involves writing a value outside the boundaries of a bounded, static-size array.