This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Category:OWASP XML Security Gateway Evaluation Criteria Project"

From OWASP
Jump to: navigation, search
 
(25 intermediate revisions by 8 users not shown)
Line 1: Line 1:
 +
{{:Template:Orphaned Projects}}
 +
 +
 +
==== Main  ====
 +
 
== Welcome to the XML Security Gateway Evaluation Criteria Project ==
 
== Welcome to the XML Security Gateway Evaluation Criteria Project ==
  
This OWASP Project is defines an open standard for evaluating XML Security Gateways. This criteria will first identify and provide the OWASP community a set of standard evaluation criteria to assess the quality of open source and proprietary XML Security Gateways. The main driver for this project is to reduce the confusion and complexity in assessing the strengths and weaknesses of solutions in this complex space, and enlightening the community as to the utility of XML Security Gateways to deliver a number of valuable security services.
+
This OWASP Project defines an open standard for evaluating XML Security Gateways. This criteria will provide the OWASP community a set of standard evaluation criteria to assess the functionality and quality of XML Security Gateways. The main driver for this project is to reduce the confusion and complexity in assessing the strengths and weaknesses of solutions in this the XML Security space, and enlightening the community as to the utility of XML Security Gateways to deliver a number of valuable security services.
  
 
== Project Guiding Principles: ==
 
== Project Guiding Principles: ==
  
The XML Security Gateway Evaluation Criteria Project’s Guiding Principles were created in order to express the intentions of its contributors when designing the criteria.
+
The XML Security Gateway Evaluation Criteria (XSGEC) Project’s Guiding Principles were created in order to express the intentions of its contributors when designing the criteria.
 
    
 
    
 
* Create evaluation criteria supporting a transparent, level playing field for XML Security Gateway solutions to define their solution's key value proposition
 
* Create evaluation criteria supporting a transparent, level playing field for XML Security Gateway solutions to define their solution's key value proposition
Line 17: Line 22:
 
This project will focus on evaluation criteria for XML Security Gateways, that are commonly used in SOAP, Web services, SOA, and Rest applications.
 
This project will focus on evaluation criteria for XML Security Gateways, that are commonly used in SOAP, Web services, SOA, and Rest applications.
  
 +
== Versions: ==
 +
 +
The latest version of the XSGEC is here
 +
https://www.owasp.org/index.php/Category:OWASP_XML_Security_Gateway_Evaluation_Criteria_Project_Latest
  
 
== Feedback and Participation: ==
 
== Feedback and Participation: ==
  
We hope you find the OWASP XML Security Gateway Project useful. Please contribute to the Project by volunteering for one of the Tasks, sending your comments, questions, and suggestions to [email protected].  To join the OWASP XML Security Gateway Project mailing list or view the archives, please email Gunnar Peterson
+
We hope you find the OWASP XML Security Gateway Project useful. Please contribute to the Project by volunteering for one of the Tasks, sending your comments, questions, and suggestions to [email protected].  To join the OWASP XML Security Gateway Project mailing list or view the archives, please visit http://lists.owasp.org/mailman/listinfo/owasp-xsgec
 +
 
 
== Project Contributors: ==
 
== Project Contributors: ==
  
Line 30: Line 40:
 
Contributors:
 
Contributors:
  
 +
* James McGovern, Virtusa
 +
* Sebastien Deleersnyder, Telindus
 +
* Muthu Meyyappan, United Healthcare
 
* Mark O'Neill, Vordel
 
* Mark O'Neill, Vordel
 +
* Ivan Ristic, Breach Security
 
* Brian Roddy, Cisco
 
* Brian Roddy, Cisco
 +
* Philippe Bogaerts, NetAppSec
 +
* Paul Lesov, Wells Fargo
 +
* Lori MacVittie, F5 Networks
  
 
== More Information: ==
 
== More Information: ==
Line 41: Line 58:
 
http://www.webappsec.org/projects/wafec/
 
http://www.webappsec.org/projects/wafec/
  
[[Category:OWASP Project]]
+
==== Project Details ====
 +
<!--{{:OWASP XML Security Gateway Evaluation Criteria Project - Project Identification}}-->
 +
 
 +
{{:GPC Project Details/OWASP XML Security Gateway Evaluation Criteria Project | OWASP Project Identification Tab}}
 +
 
 +
__NOTOC__ <headertabs />
 +
 
 +
[[Category:OWASP Project|XML Security Gateway Evaluation Criteria Project]]

Latest revision as of 15:56, 21 December 2010

Attention icon.png

This Project has been identified as an orphaned one. If you find interest in assuming its lead, please contact the Global Projects Committee.

Attention icon.png


Main

Welcome to the XML Security Gateway Evaluation Criteria Project

This OWASP Project defines an open standard for evaluating XML Security Gateways. This criteria will provide the OWASP community a set of standard evaluation criteria to assess the functionality and quality of XML Security Gateways. The main driver for this project is to reduce the confusion and complexity in assessing the strengths and weaknesses of solutions in this the XML Security space, and enlightening the community as to the utility of XML Security Gateways to deliver a number of valuable security services.

Project Guiding Principles:

The XML Security Gateway Evaluation Criteria (XSGEC) Project’s Guiding Principles were created in order to express the intentions of its contributors when designing the criteria.

  • Create evaluation criteria supporting a transparent, level playing field for XML Security Gateway solutions to define their solution's key value proposition
  • Where practical, attempt to standardize nomenclature and metrics
  • Educate the community on the design considerations for XML security

Project Scope:

This project will focus on evaluation criteria for XML Security Gateways, that are commonly used in SOAP, Web services, SOA, and Rest applications.

Versions:

The latest version of the XSGEC is here https://www.owasp.org/index.php/Category:OWASP_XML_Security_Gateway_Evaluation_Criteria_Project_Latest

Feedback and Participation:

We hope you find the OWASP XML Security Gateway Project useful. Please contribute to the Project by volunteering for one of the Tasks, sending your comments, questions, and suggestions to [email protected]. To join the OWASP XML Security Gateway Project mailing list or view the archives, please visit http://lists.owasp.org/mailman/listinfo/owasp-xsgec

Project Contributors:

If you contribute to this Project, please add your name here Project Lead:

Contributors:

  • James McGovern, Virtusa
  • Sebastien Deleersnyder, Telindus
  • Muthu Meyyappan, United Healthcare
  • Mark O'Neill, Vordel
  • Ivan Ristic, Breach Security
  • Brian Roddy, Cisco
  • Philippe Bogaerts, NetAppSec
  • Paul Lesov, Wells Fargo
  • Lori MacVittie, F5 Networks

More Information:

Security Concepts, Challenges, and Design Considerations for Web Services Integration, By Howard Lipson and Gunnar Peterson https://buildsecurityin.us-cert.gov/daisy/bsi/articles/best-practices/assembly/639.html?branch=1&language=1

Web Application Firewall Evaluation Criteria - WASC project with similar approach, focused on the Web App FW space http://www.webappsec.org/projects/wafec/

Project Details

PROJECT INFO
What does this OWASP project offer you?
what is this project?
OWASP XML Security Gateway Evaluation Criteria Project

Purpose: N/A

License: N/A

who is working on this project?
Project Leader: N/A

Project Maintainer:

Project Contributor(s): N/A

how can you learn more?
Project Pamphlet: N/A

3x slide Project Presentation: N/A

Mailing list: N/A

Project Roadmap: N/A

Main links: N/A

Project Health: Yellow button.JPG Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact the GPC to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.

This category currently contains no pages or media.