Summit 2011 Working Sessions/Session028
Protecting Information Stored Client-Side | ||||||
---|---|---|---|---|---|---|
Please see/use the 'discussion' page for more details about this Working Session | ||||||
Working Sessions Operational Rules - Please see here the general frame of rules. |
WORKING SESSION IDENTIFICATION | ||||||
---|---|---|---|---|---|---|
Short Work Session Description | This section will focus on providing mechanisms for protecting important or sensitive data that applications and services need to store client-side. Contexts this section aims to cover include:
For the purpose of the Portugal Summit, the session will focus on development within a "classic" N-tier Java application environment. | |||||
Related Projects (if any) |
| |||||
Email Contacts & Roles | Chair: John Steven |
Operational Manager |
Mailing list Subscription Page |
WORKING SESSION SPECIFICS | ||||||
---|---|---|---|---|---|---|
Objectives |
| |||||
Venue/Date&Time/Model | Venue/Room OWASP Global Summit Portugal 2011 |
Date & Time
|
Discussion Model participants and attendees |
|
---|
WORKING SESSION OPERATIONAL RESOURCES | ||||||
---|---|---|---|---|---|---|
Projector, whiteboards, markers, Internet connectivity, power |
|
---|
WORKING SESSION ADDITIONAL DETAILS | ||||||
---|---|---|---|---|---|---|
Within the N-tier Java environment, the session will tackle the following development scenarios:
1) Coat Check
2) Purse
3) Nuclear Briefcase
Future summits will address the following two contexts as well:
However, for the purpose of this coming session, we will only conduct planning and 'homework assignments' for these contexts in the next session (likely Minnesota). The session will work each of the three above development scenarios within the n-tier environment using the following work stream:
Participants will be taken through the above work stream, an abbreviated 'build security in' process designed to focus on implementation (rather than documentation or assurance), to restructure applications to demonstrate security patterns, integrate existing security functionality, or build security controls as necessary. |
WORKING SESSION OUTCOMES / DELIVERABLES | ||
---|---|---|
Proposed by Working Group | Approved by OWASP Board | |
After the Board Meeting - fill in here. | ||
Plan and Extra-summit work-items for exercises in Phone and RIA contexts during next summit |
Working Session Participants
WORKING SESSION PARTICIPANTS | ||||||
---|---|---|---|---|---|---|
Name | Company | Notes & reason for participating, issues to be discussed/addressed |
Elke Roth-Mandutz | GSO-University of Applied Sciences | |
Jim Manico | Infrared Security | |
Chris Schmidt | Aspect Security | |
Justin Clarke | Gotham Digital Science | |
Neil Matatall | | |
Tony UcedaVelez | VerSprite | |
Fred Donovan | Attack Logic | |
Alexandre Miguel Aniceto | Willway | |
Antonio Fontes | L7 Sécurité | |