This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP GSD Project"

From OWASP
Jump to: navigation, search
Line 51: Line 51:
 
** '''UPDATE'''
 
** '''UPDATE'''
 
The HIVE project started out as an idea for a learning platform. Using TAHOE-lafs as a storage solution we are able to interlock anything we do into the GRID. What’s the GRID? The GRID is a group of Tahoe enabled capable computers (The BeagleBone Black) could be any computer. The idea is to share data across a GRID in a secure anonymous fashion. Using Tahoe-LAFS we can share and distribute project files lots and lots of data all gathered from the GRID. This uses “provider-independent security” that means I don’t know what your data is and neither does anyone else. Only you know what you uploaded so unless someone beats you with sticks until you hand over you unique URI. It’s all secret!
 
The HIVE project started out as an idea for a learning platform. Using TAHOE-lafs as a storage solution we are able to interlock anything we do into the GRID. What’s the GRID? The GRID is a group of Tahoe enabled capable computers (The BeagleBone Black) could be any computer. The idea is to share data across a GRID in a secure anonymous fashion. Using Tahoe-LAFS we can share and distribute project files lots and lots of data all gathered from the GRID. This uses “provider-independent security” that means I don’t know what your data is and neither does anyone else. Only you know what you uploaded so unless someone beats you with sticks until you hand over you unique URI. It’s all secret!
''' More infomation can be found on the [https://www.owasp.org/index.php/OWASP_Hive_Project Hive Project]
+
 
''' The milestones that I anticipate are:
+
More infomation can be found on the [https://www.owasp.org/index.php/OWASP_Hive_Project Hive Project]
** ''' Sweet user interface
+
***The milestones that I anticipate are:
** ''' Find a LCD for the BeagleBone Black for IP or stats scrolling. The HIVE setup currently shows the nodes in real time.  
+
**Sweet user interface
** ''' Make a proposal to OWASP for a more stable introducer and private GRID.   
+
**Find a LCD for the BeagleBone Black for IP or stats scrolling. The HIVE setup currently shows the nodes in real time.  
 +
**Make a proposal to OWASP for a more stable introducer and private GRID.   
 
   
 
   
  

Revision as of 19:59, 23 September 2013

OWASP GSD (Get Stuff Done) project is focused on enabling and empowering other OWASP Projects with funds, resources, energy and ideas.

The first initiative is the 'Funds Available for OWASP Projects' (see details and rules-of-engagement below)

  • Project Leader: Dinis Cruz
  • Proposals Review Team: Dennis Groves, Daniel Cuthbert, Dinis Cruz (contact Dinis If want to be one)

Initiative: Funds Available for OWASP Projects

What: OWASP Project Sponsorship model where OWASP Leaders can spend up-to the current allocated budget on OWASP Projects

Rules-of-Engagement:

  • Funds are to be used on OWASP Projects
  • Funds to be personally allocated by an OWASP Leader (who takes responsibility for its use and execution)
  • OWASP leaders are free to spend the funds on OWASP Projects in anyway they feel relevant, with only the following KEY restrictions:
    • They can't pay another OWASP leaders or a company that an OWASP leader is directly connected to
    • For amounts less than $500 they add its description to the respective OWASP WIKI page 24h before they commit to make the expense
    • For amounts less than $5000 they add its description to the respective OWASP WIKI 7 days before they commit to make the expense
    • If there are no comments or objections by the 'Proposals Review Team', the funds are automatically approved
    • If a member of the 'Proposals Review Team' objects or asks for more information, the funds are NOT approved (until further clarifications)
  • Each expense item is mapped to an individual OWASP leader and multiple OWASP Leaders can work together.
  • Payments will be made by Alison on Invoice submission (by paypal or direct bank transfer)

In 6 months time, a review of the outcomes will be done and see these rules need to be changed

Funds Sources

  • Total: 2000 USD (soon to be 4000 USD)
  • Sponsors: (could be OWASP Chapters, OWASP Members or 3rd party companies/organizations)

Proposed Use of Funds Available

Current Fund Amount

  • $2000

Active Projects using GSD funds (1):

  • OWASP HIVE PROJECT -
    • Funds allocated: $1764.95
    • Cost Breakdown
      • BeagleBone HIVE Cluster - Cost for 10 Environment Hive 1600.00 (Approx)
      • HIVE Power - 20Amp 5v power supply
      • HIVE Switches - 1G 5Port Switch Cost 40.00 (Approx)
      • Single HIVE-OFF - Cost 60.00 - 85.00 (MetalCase)(still need case Ideas for this)
      • WiFi Mod - Cost 6.00 (per BB)
    • The HIVE can have 10 20 50 and 100 environment HIVE. This start-up is for 10 environment. Large chapters may like the large HIVE.
    • QUOTE from element14 (NEWARK)
    • UPDATE

The HIVE project started out as an idea for a learning platform. Using TAHOE-lafs as a storage solution we are able to interlock anything we do into the GRID. What’s the GRID? The GRID is a group of Tahoe enabled capable computers (The BeagleBone Black) could be any computer. The idea is to share data across a GRID in a secure anonymous fashion. Using Tahoe-LAFS we can share and distribute project files lots and lots of data all gathered from the GRID. This uses “provider-independent security” that means I don’t know what your data is and neither does anyone else. Only you know what you uploaded so unless someone beats you with sticks until you hand over you unique URI. It’s all secret!

More infomation can be found on the Hive Project

      • The milestones that I anticipate are:
    • Sweet user interface
    • Find a LCD for the BeagleBone Black for IP or stats scrolling. The HIVE setup currently shows the nodes in real time.
    • Make a proposal to OWASP for a more stable introducer and private GRID.


Completed:

  • Transcription of Podcast - Total Cost: $70 USD (Approx)
  • Transcribe OWASP Board Member candidates interview.
    • contracted via Elance (see proposal here)
    • Cost: $92.05 USD
    • O2 Platform Stickers - Total Cost: $73.00 USD (Approx)

FAQ

For Participants:

  • What is an OWASP Leader? : Everybody in the owasp-leaders list
  • Can these funds be used on other OWASP innitiatives (Chapters, Conferences, Summits, etc..) : Nope this is only for OWASP Projects
  • What happens if the 'Proposals Review Team' objects or asks questions : The OWASP Leader behind the proposal needs to come back with a better idea or answer :)
  • Is there some kind of 'Gamification theory' behind this idea? : Yes :)


For Members of the 'Proposals Review Team':

  • What should I do if I like a proposal? : Nothing (unless you have time to help that proposal). Note that proposals with no 'doubts' are approved by default
  • What should I do if I have doubts about a proposal? : Write a comment and raise your doubts/questions. Note that proposals with (at least one ) 'doubt' comment and NOT approved by default

GSD Ideas

Here are a couple ideas on where to use available GSD funds:

  • buy 20 copies of the (for example) Open SAMM book and distribute it at a local OWASP chapter meeting
  • support the OWASP Developer Guide and ASVS projects (for example with copywriting, formatting, design, research, proof-reading, pagination, etc...)
  • improve the formatting and presentation of the 'Cheat-Sheet' series,
  • hire a transcription service for key presentations done at OWASP chapters/events (or OWASP PodCasts)
  • create a DVD with all presentations from a specific OWASP event (or other video materials like the AppSec tutorial series)
  • sponsor a booth at an event to present OWASP Projects
  • sponsor travel expenses for a project leader to meet with other project leaders or collaborators (to work on a particular project)
  • organize a mini-summit around an OWASP project
  • create a mini-website focused on a particular project (like ESAPI.org)
  • try out a specific commercial service that will make a particular project more effective (version control, bug tracking system, mailing lists, etc...)
  • hire designers to work on OWASP projects
  • translate OWASP content (to and from English)
  • sponsor students to work on OWASP projects (maybe even run a mini-OWASP Season of Code)
  • hire mediawiki editors for the OWASP website (the OWASP projects part of it :) )
  • etc...