This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Event Item
From OWASP
Item | Description |
---|---|
Event title | OWASP Netherlands Chapter Meeting with Jim Manico |
Date | March 15th, 2012 |
Location | SurfNet, Utrecht |
Event announcement | Access Control is a necessary security control at almost every layer within a web application. This talk will discuss several of the key access control anti-patterns commonly found during website security audits. These access control anti-patterns include hard-coded security policies, lack of horizontal access control, and "fail open" access control mechanisms. In reviewing these and other access control problems, we will discuss and design a positive access control mechanism that is data contextual, activity based, configurable, flexible, and deny-by-default - among other positive design attributes that make up a robust web-based access-control mechanism. |
Event Program | 18:00 - 18:45 Registration with drinks and snacks 18:45 - 19:00 OWASP Netherlands Chapter Update 19:00 - 20:00 Jim Manico on Authentication 20:00 - 20:15 Break 20:15 - 21:00 Q&A with Jim Manico |
Travel | SurfNet Utrecht, Radboudkwartier 273, 3511 CK Utrecht, The Netherlands |
Registration | http://www.eventbrite.com/event/2714165141 |