Difference between revisions of "Event Item"
Line 14: | Line 14: | ||
|- | |- | ||
|style="border-style: solid; border-width: 0 1px 1px 0"| Event announcement | |style="border-style: solid; border-width: 0 1px 1px 0"| Event announcement | ||
− | |style="border-style: solid; border-width: 0 1px 1px 0"| | + | |style="border-style: solid; border-width: 0 1px 1px 0"| Access Control is a necessary security control at almost every layer within a web application. This talk will discuss several of the key access control anti-patterns commonly found during website security audits. These access control anti-patterns include hard-coded security policies, lack of horizontal access control, and "fail open" access control mechanisms. In reviewing these and other access control problems, we will discuss and design a positive access control mechanism that is data contextual, activity based, configurable, flexible, and deny-by-default - among other positive design attributes that make up a robust web-based access-control mechanism. |
|- | |- | ||
|style="border-style: solid; border-width: 0 1px 1px 0"| Event Program | |style="border-style: solid; border-width: 0 1px 1px 0"| Event Program |
Revision as of 23:32, 15 February 2012
Item | Description |
---|---|
Event title | OWASP Netherlands Chapter Meeting with Jim Manico |
Date | The date of the event. American English notation |
Location | Description of the location |
Event announcement | Access Control is a necessary security control at almost every layer within a web application. This talk will discuss several of the key access control anti-patterns commonly found during website security audits. These access control anti-patterns include hard-coded security policies, lack of horizontal access control, and "fail open" access control mechanisms. In reviewing these and other access control problems, we will discuss and design a positive access control mechanism that is data contextual, activity based, configurable, flexible, and deny-by-default - among other positive design attributes that make up a robust web-based access-control mechanism. |
Event Program | 18:00 - 18:45 Registration with drinks and snacks; 18:45 - 19:00 OWASP Netherlands Chapter Update; 19:00 - 20:00 Jim Manico on Authentication; 20:00 - 20:15 Break; 20:15 - 21:00 Q&A with Jim Manico |
Travel | SurfNet Utrecht, Radboudkwartier 273, 3511 CK Utrecht, The Netherlands |
Registration | http://www.eventbrite.com/event/2714165141 |