Ein eLearning-System zur Unterstützung der Wissensvermittlung von Web-Entwicklern in Sicherheitsthemen

With the development of new internet technologies new security problems arise. Thus, it is important to consider security aspects during the complete development process of a web application. Every participant of such a process should have the appropriate knowledge. Classical learning methods are not sufficient, because they are not able to satisfy the needs of knowledge in the required topicality. As a consequence, we developed an eLearning application that supports the transfer of this knowledge time-and location-independent. To get a deep understanding about security problems and the resulting vulnerabilities and attacks the application consists of three complementing components. One component is a tool that provides all necessary information about the security problems. The second component is a vulnerable online banking application where the user can apply attacks in a virtual environment. The third component is a monitor application where one can inspect in real-time which information the attacker receives.