This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Working Session Enterprise Security API Project

From OWASP
Revision as of 17:32, 28 November 2008 by Paulo Coimbra (talk | contribs)

Jump to: navigation, search
Working Sessions Operational Rules - Please see here the general frame of rules.
WORKING SESSION IDENTIFICATION
Work Session Name OWASP Enterprise Security API Project
Short Work Session Description In this working session we will consider all aspects of the Enterprise Security API project. The goal of the project is to simplify security for developers to make secure code more likely. To achieve this goal we define clean intuitive APIs for standard security functionality. Ideally, these APIs will cover common security controls across web applications, web services, and even rich client applications. This working session will review the state of the project, discuss technical issues, discuss "marketing" of the project, prioritize project work items, and browbeat attendees into joining the project and making the world a safer place.
Related Projects (if any)

OWASP Enterprise Security API (ESAPI) Project

Email Contacts & Roles Chair
Jeff Williams
Secretary
Arshan Dabirsiaghi
Mailing list
Subscription Page
WORKING SESSION SPECIFICS
Objectives

Introduce everyone to the idea and cost-benefits of an ESAPI.

Venue/Date&Time/Model Venue
OWASP EU Summit Portugal 2008
Date&Time
November 5, 2008
1:00 PM
Discussion Model
"Participants + Attendees"
WORKING SESSION OPERATIONAL RESOURCES
Please add here, ASAP, any needed relevant resources, e.g. data-show, boards, laptops, etc.
WORKING SESSION ADDITIONAL DETAILS
Please add here, any additional notes, links, ideas, guidelines, etc... The objective is to help the working sessions participants and attendees to prepare their participation/contribution.
WORKING SESSION OUTCOMES
Statements, Initiatives or Decisions Proposed by Working Group Approved by OWASP Board
A volunteer to lead the 'marketing' campaign for ESAPI. After the Board Meeting - fill in here.
Prioritized list of marketing ideas for the ESAPI concept. After the Board Meeting - fill in here.
Prioritized list of ideas for improving the API. After the Board Meeting - fill in here.
[Video After the Board Meeting - fill in here.

Working Session Participants

(Add you name by editing this table. On your the right, just above the this frame, you have the option to edit)

WORKING SESSION PARTICIPANTS
Name Company Notes & reason for participating, issues to be discussed/addressed
1 Matt Tesauro OWASP Live CD Project Lead Curious about how various "ports" should be handled (lang != Java)
Run them as separate projects or sub-projects. How are they synchronized, if at all? What state are they in? How bad will the browbeating be?
2 Andrea Cogliati OWASP Rochester, NY Interested in porting to other platforms (Ruby&Rails) and in integration issues with existing framework (Struts, Spring, ...)
3 Alex Smolen Foundstone Author and Project Leader for .NET ESAPI
4 Kuai Hinojosa New York University Interesting in ESAPI for PHP and How to best implement the ESAPI.
5 Fred Donovan Donovan Networks Interested in the structure and integrating this as a solution for Fortune 200 web development processes
6
7
8
9
10

If needed add here more lines.