Category:WASS Security Frame
Revision as of 16:00, 27 May 2009 by MediaWiki spam cleanup (Reverting to last version not containing links to s1.shard.jp)
Add suggested approach of how to audit against/use the requirements
Deployment and Configuration
- Deploy mechanisms to enhance the security of authentication credentials used.
- Establish a new session identifier upon user authentication.
Session and User Management
- Deploy mechanisms to securely perform tasks related to user management.
- Take measures to securely manage user identification.
- Take measures to securely manage cookies.
Auditing and Logging
- Do not transmit sensitive information in GET requests.
- Disable caching of sensitive pages.
- Do not store sensitive information in Hidden fields.
Canonicalization and Unicode
This category currently contains no pages or media.