This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Cornucopia - Ecommerce Website - CR 3

From OWASP
Jump to: navigation, search
Cornucopia - Ecommerce Website CR 3.png

Suit: Cryptography

Card/Value: 3

Description:

Axel can modify transient or permanent data (stored or in transit), or source code, or updates/patches, or configuration data, because it is not subject to integrity checking.

Technical Note:

Tampering with state, source code, interpreted code, libraries, executables, updates, patches, configuration data, logs, etc undermines any trust in the application. Consider the file system, database content, information in memory, in page code, and data in transit.

NB: The key concept for this card is integrity.

References:

OWASP SCP OWASP ASVS OWASP AppSensor CAPEC SAFECODE
92 13.2 SE1 31 12
205 IE4 39 14
212 68
75
133
145
162
203
438
439
442


« Previous Card | Cryptography | Next Card »