
Event Item

Event title: OWASP Netherlands Chapter Meeting with Jim Manico
Date: March 15th, 2012
Location: SurfNet, Utrecht

Event announcement: Access Control is a necessary security control at almost every layer within a web application. This talk will discuss several of the key access control anti-patterns commonly found during website security audits. These access control anti-patterns include hard-coded security policies, lack of horizontal access control, and "fail open" access control mechanisms. In reviewing these and other access control problems, we will discuss and design a positive access control mechanism that is data contextual, activity based, configurable, flexible, and deny-by-default - among other positive design attributes that make up a robust web-based access-control mechanism.

Event Program:
18:00 - 18:45 Registration with drinks and snacks
18:45 - 19:00 OWASP Netherlands Chapter Update
19:00 - 20:00 Jim Manico on Authentication
20:00 - 20:15 Break
20:15 - 21:00 Q&A with Jim Manico

Travel: SurfNet Utrecht, Radboudkwartier 273, 3511 CK Utrecht, The Netherlands