CS 4401 (A12): Software Security Engineering
BS/MS Assignment

DUE by the start of B-term, by email to Professor Fisler

Simply stated, your task is to work out the security implementation details for our online literary magazine example in the context of a target platform and development framework of your choice. You are not being asked to implement the system. Rather, you are being asked to nail down design decisions for the system relative to the features and constraints of your chosen platform and framework.

For example, you might choose to build this as an Android application in Java, or as a web-application in Ruby on Rails, or whatever else suits you. Pick a realistic modern delivery platform and device that interests you. If you aren't sure whether your choice is reasonable, check with Professor Fisler.

This term, we're discussing a number of threats and design criteria for software systems. We have not discussed specific algorithms to use for issues such as input sanitization and encryption, or specific techniques for generating and managing session tokens and cookies (if applicable). At core, this project asks you to research the options available in your chosen platform and recommend specific implementation decisions for each one.


Start from the original system description, adding the cloud-based storage requirement from the threat-modeling assignment (but without the VOIP service or free-article extensions).

  1. Explicitly state the concrete security goals your implementation will meet.

  2. Specifically list which technologies you will use in your implementation, down to details such as:

    Also discuss security-specific decisions around your components: which platform/language-specific algorithms, how you will organize information to get access controls, etc. For each decision, explain why you chose it relative to the goals; your explanation should cover the assurance you got from your choice relative to other options.

  3. Assess the security of your design: what weaknesses do you believe remain and why didn't you address them?; what usage policies need to surround your system so that it gets used securely?

Overall, you are trying to convince me that you understand how all of the issues we discussed this term fit together in choosing strategies for implementing a real software system. Use that as a guiding metric for whether you are discussing enough (or the right things), and don't hesitate to ask if you have questions.


I'm going to be looking for evidence that you understand security issues at the level of someone who has taken a course on the subject. I'll be looking at how you organize your materials (as an indication of how you think about security in the big picture), whether you include sufficient technical depth to show that you understand what you're talking about, and whether you can explain security issues to other technical readers (some of whom may not be trained in security, but have good CS backgrounds).

Course homepage