Difference between revisions of "Project Information:template Access Control Rules Tester Project - Final Review - Second Reviewer - F"
From OWASP
(New page: Clik here to return to the previous page. {| style="width:100%" border="0" align="center" ! colspan="3" align="center...) |
|||
| Line 17: | Line 17: | ||
| style="width:25%; background:#7B8ABD" align="center"| | | style="width:25%; background:#7B8ABD" align="center"| | ||
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P022 - OWASP Access Control Rules Tester|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised. | 1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P022 - OWASP Access Control Rules Tester|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised. | ||
| − | | colspan="2" style="width:75%; background:#cccccc" align="left"| | + | | colspan="2" style="width:75%; background:#cccccc" align="left"|The project objectives are met. In terms of deliveries, the document and the tool are implemented, however, the tool doesn't have the Site Spider functionality, indeed it depends on third-party spider packages. |
|- | |- | ||
| style="width:25%; background:#7B8ABD" align="center"| | | style="width:25%; background:#7B8ABD" align="center"| | ||
2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P022 - OWASP Access Control Rules Tester|'''the assumed ones''']], please quantify in terms of percentage. | 2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P022 - OWASP Access Control Rules Tester|'''the assumed ones''']], please quantify in terms of percentage. | ||
| − | | colspan="2" style="width:75%; background:#cccccc" align="left"| | + | | colspan="2" style="width:75%; background:#cccccc" align="left"|1. Research technical report: 100% done<br>2. Access Control Rules Tester (AcCoRuTe) tool: 100% done. Although the Site Spider is a third-party tool instead of a built-in package, it doesn't affect the functionalities of the testing tool. |
|- | |- | ||
| style="width:25%; background:#7B8ABD" align="center"| | | style="width:25%; background:#7B8ABD" align="center"| | ||
3. Please do use the right hand side column to provide advice and make work suggestions. | 3. Please do use the right hand side column to provide advice and make work suggestions. | ||
| − | | colspan="2" style="width:75%; background:#cccccc" align="left"| | + | | colspan="2" style="width:75%; background:#cccccc" align="left"|1. Improving the abilities to detect access control violation in Applets and Web Services<br>2. Compatible with XACML<br>3. Better handling in role delegation, right now it's hard to test delegation<br>4. Providing an approach to integrate the tool into the early stage in software development life cycle |
|- | |- | ||
| style="width:25%; background:white" align="center"|'''PART II''' | | style="width:25%; background:white" align="center"|'''PART II''' | ||
| Line 40: | Line 40: | ||
| style="width:25%; background:#7B8ABD" align="center"| | | style="width:25%; background:#7B8ABD" align="center"| | ||
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status? | 1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status? | ||
| − | | colspan="2" style="width:75%; background:#cccccc" align="left"| | + | | colspan="2" style="width:75%; background:#cccccc" align="left"|None |
|- | |- | ||
| style="width:25%; background:#7B8ABD" align="center"| | | style="width:25%; background:#7B8ABD" align="center"| | ||
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status? | 2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status? | ||
| − | | colspan="2" style="width:75%; background:#cccccc" align="left"| | + | | colspan="2" style="width:75%; background:#cccccc" align="left"|The "About box" has been implemented, however, since this is a command line based tool, the messages in the "About box" has been added to the README file |
|- | |- | ||
| style="width:25%; background:#7B8ABD" align="center"| | | style="width:25%; background:#7B8ABD" align="center"| | ||
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status? | 3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status? | ||
| − | | colspan="2" style="width:75%; background:#cccccc" align="left"| | + | | colspan="2" style="width:75%; background:#cccccc" align="left"| N/A |
|- | |- | ||
| style="width:25%; background:#7B8ABD" align="center"| | | style="width:25%; background:#7B8ABD" align="center"| | ||
4. Please do use the right hand side column to provide advice and make work suggestions. | 4. Please do use the right hand side column to provide advice and make work suggestions. | ||
| − | | colspan="2" style="width:75%; background:#cccccc" align="left"| | + | | colspan="2" style="width:75%; background:#cccccc" align="left"|The tool may provide a "-help" command line option to display name of tool, author, e-mail address of author, current version number and/or release date |
|} | |} | ||
Latest revision as of 16:54, 3 November 2008
Clik here to return to the previous page.
| FINAL REVIEW | ||
|---|---|---|
| PART I | ||
|
Project Deliveries & Objectives |
OWASP Access Control Rules Tester Project's Deliveries & Objectives | |
| QUESTIONS | ANSWERS | |
|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please exemplify writing down those of them that haven't been realised. |
The project objectives are met. In terms of deliveries, the document and the tool are implemented, however, the tool doesn't have the Site Spider functionality, indeed it depends on third-party spider packages. | |
|
2. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please quantify in terms of percentage. |
1. Research technical report: 100% done 2. Access Control Rules Tester (AcCoRuTe) tool: 100% done. Although the Site Spider is a third-party tool instead of a built-in package, it doesn't affect the functionalities of the testing tool. | |
|
3. Please do use the right hand side column to provide advice and make work suggestions. |
1. Improving the abilities to detect access control violation in Applets and Web Services 2. Compatible with XACML 3. Better handling in role delegation, right now it's hard to test delegation 4. Providing an approach to integrate the tool into the early stage in software development life cycle | |
| PART II | ||
|
Assessment Criteria |
||
| QUESTIONS | ANSWERS | |
|
1. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Alpha Quality status? |
None | |
|
2. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Beta Quality status? |
The "About box" has been implemented, however, since this is a command line based tool, the messages in the "About box" has been added to the README file | |
|
3. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Release Quality status? |
N/A | |
|
4. Please do use the right hand side column to provide advice and make work suggestions. |
The tool may provide a "-help" command line option to display name of tool, author, e-mail address of author, current version number and/or release date | |
