This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "GPC Project Details/OWASP Access Control Rules Tester Project"

From OWASP
Jump to: navigation, search
Line 3: Line 3:
 
| project_description = Web application business logic vulnerabilities will be under increasing attention in near future. Although input validation vulnerabilities (XSS, SQLI) are in overwhelming majority nowadays, many automated approaches have emerged that deal with them. On the contrary, there are no known approaches (and methodologies for security experts) to classify or even detect business logic vulnerabilities. Besides, business logic flaws usually expose web application to great risks (according to OWASP Testing Guide). The proposal is to make an attempt to create a systematic approach that addresses business logic vulnerabilities. To begin with, access control flaws are surveyed.  
 
| project_description = Web application business logic vulnerabilities will be under increasing attention in near future. Although input validation vulnerabilities (XSS, SQLI) are in overwhelming majority nowadays, many automated approaches have emerged that deal with them. On the contrary, there are no known approaches (and methodologies for security experts) to classify or even detect business logic vulnerabilities. Besides, business logic flaws usually expose web application to great risks (according to OWASP Testing Guide). The proposal is to make an attempt to create a systematic approach that addresses business logic vulnerabilities. To begin with, access control flaws are surveyed.  
 
| project_license =
 
| project_license =
| leader_name =  
+
| leader_name = Andrew Petukhov
 
| leader_email =  
 
| leader_email =  
| leader_username =  
+
| leader_username = Petand
 
| past_leaders_special_contributions = TBD
 
| past_leaders_special_contributions = TBD
 
| maintainer_name =  
 
| maintainer_name =  

Revision as of 16:41, 30 September 2009

PROJECT INFO
What does this OWASP project offer you? 		RELEASE(S) INFO
What does this OWASP project release offer you?
what is this project?
OWASP Access Control Rules Tester Project

Purpose: Web application business logic vulnerabilities will be under increasing attention in near future. Although input validation vulnerabilities (XSS, SQLI) are in overwhelming majority nowadays, many automated approaches have emerged that deal with them. On the contrary, there are no known approaches (and methodologies for security experts) to classify or even detect business logic vulnerabilities. Besides, business logic flaws usually expose web application to great risks (according to OWASP Testing Guide). The proposal is to make an attempt to create a systematic approach that addresses business logic vulnerabilities. To begin with, access control flaws are surveyed.

License: N/A

who is working on this project?
Project Leader: Andrew Petukhov

Project Maintainer:

Project Contributor(s): N/A

how can you learn more?
Project Pamphlet: N/A

3x slide Project Presentation: N/A

Mailing list: N/A

Project Roadmap: To view, click here

Main links: N/A

Project Health: Yellow button.JPG Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact Andrew Petukhov to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
First Release - Unknown Date - (no download available)

Release Leader: N/A

Release details: Main links, release roadmap and assessment

Rating: Yellow button.JPG Not Reviewed
To be reviewed under Assessment Criteria v2.0


Retrieved from "https://wiki.owasp.org/index.php?title=GPC_Project_Details/OWASP_Access_Control_Rules_Tester_Project&oldid=70214"