This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP TASC Framework Project
TASC Framework ProjectThings Authentication and Secure Communications (for Resource Constrained Systems) Makers, professionally or as hobbyists, are creating "Internet of Things" (IoT) devices using low power systems such as Arduino. Security is often an afterthought or not considered at all. This project will make it easy to secure communications between devices. Using an AES library such as: http://forum.arduino.cc/index.php?topic=88890.0 This project will put a communications protocol and medium agnostic encryption and authentication layer onto resource constrained devices such as the Arduino. It will do this via symmetric key encryption of the message payloads to ensure the authentication, integrity, and confidentiality of messages. The use of this framework will require no specialist security knowledge. DescriptionThe TASC Framework (Things Authentication and Secure Communications) provides a lightweight abstracted security framework and supporting libraries to provide authentication and secure communications on resource constrained systems. For example developers creating "Internet of Things" (IoT) devices using low power or resource constrained systems such as Arduino who are not security experts. LicensingThe libraries and source code / examples associated with this project are licenced under Apache 2.0 Licence in order to encourage the broadest possible use in embedded systems where dynamic linking may not be practical. The documentation and guidelines are licenced under Creative Commons Attribution ShareAlike 3.0 Licence. |
What is OWASP Security Principles Project?Here you should add a short description of what your project actually does. What is the primary goal of your project, and why is it important? The end goal is to identify, cite, and document the fundamental principles of information security. Once this is well organised, I think it would be great to publish this through the OWASP Press. Of course, it will always remain freely available, and any money collected will go directly into the project to absorb costs with any remaining funds going to the OWASP Foundation. This document should serve as a guide to technical architects and designers outlining the fundamental principles of security. PresentationNot yet...but watch this space... Project LeaderRelated ProjectsPlease let us know of any relevant related projects. Openhub |
Quick DownloadNothing yet but we should have some deliverables ready soon. News and Events
ClassificationsHow can I participate in your project?All you have to do is make the Project Leader's aware of your available time to contribute to the project. It is also important to let the Leader's know how you would like to contribute and pitch in to help the project meet it's goals and milestones. There are many different ways you can contribute to an OWASP Project, but communication with the leads is key. Please see the getting involved tab. If I am not a programmer can I participate in your project?Yes, you can certainly participate in the project if you are not a programmer or technical. The project needs different skills and expertise and different times during its development. Currently, we are looking for researchers, writers, graphic designers, and a project administrator. What platforms are supported by the framework?The framework itself is platform agnostic and can be readily ported to any platform. Initially the Arduino platform will be targeted as a reference implementation due to it's broad adoption, starting point for budding developers, and strong community. ContributorsThe OWASP Security Principles project is developed by a worldwide team of volunteers.
The key milestones are:
The key deliverables are
Getting InvolvedInvolvement in the development and promotion of the OWASP TASC Framework Project is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:
|
