[GPC] New OWASP Project: Input Validation with Java Annotations

Paulo Coimbra paulo.coimbra at owasp.org
Tue May 26 13:08:38 EDT 2009

Dear Dag,


I thank you for your initiative to develop an OWASP Project and for
supporting OWASP Foundation.


As requested, I will set a new project page for you using a project skeleton
similar <http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project>  to
the one currently in use. To allow me doing so, would you mind sending off
the following data, please? 


1.       Wiki user account - please
<https://www.owasp.org/index.php/Special:UserLogin> create a wiki account
and fill in with your personal details i.e., (1) email address, (2)
curriculum vitae/resume, and (3) past wiki contributions; see
<http://www.owasp.org/index.php/Tutorial> here how to do it and
<http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project> here and
<http://www.owasp.org/index.php/User:Mtesauro> here an example of how it
will be used,

2.       Detailed roadmap including milestones for future developments,

3.       First Reviewer *,

4.       Second Reviewer*.


* Please have into account that, in result of what is established in the
above referred OWASP Assessment Criteria, the project's lead should suggest
two Project Reviewers and one of them should be an OWASP Project or Chapter
Leader. However, if you find it difficult or impossible, please let me know
and I will try and help.


Also, to have a general idea about the path a project should follow to reach
Release Quality, I recommend reading carefully the OWASP
Assessment Criteria.  


Moreover, I am copying carbon both the OWASP Board and the OWASP Global
Projects Committee to check if they have specific suggestions and/or
recommendations for you.


Should you have any further questions, please do not hesitate and get back
to me.


Many thanks, best regards,


Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager


From: Dag Hovland [mailto:dag.hovland at uib.no] 
Sent: segunda-feira, 25 de Maio de 2009 12:40
To: paulo.coimbra at owasp.org
Subject: New OWASP Project: Input Validation with Java Annotations


We are a group of researchers from the dept. of computer science at the

University of Bergen. We would like to start an OWASP Project, probably

in the category "PROTECT".


Project name: Input Validation with Java Annotations


Project leaders: Federico Mancini (federico.mancini at uib.no) and Dag

Hovland (dag.hovland at uib.no)


Project description: We wish to explore the use of Java annotations for

object validation, and specifically for input validation. The result

should be a framework which should be easy to add to an existing

application. The existing approaches are either part of a large

framework (e.g. JSR-303) which assumes much of the application, or are

not much more than hints about how to approach.


Future developments: We have a working Java framework which can be added

to almost any Java application. The library of tests and annotations

should be expanded. The support for composing annotations and for

"cross-tests" (tests involving multiple properties) should be better. We

also plan to publish in an international conference by winter 2009 /

spring 2010.


Chosen open-source license: LGPL v3


Project Contributors: Federico Mancini (federico.mancini at uib.no), Dag

Hovland (dag.hovland at uib.no) and Khalid A. Mughal


Sponsor Organizations: University of Bergen,


Main Links: https://sourceforge.net/projects/shipvalidator/ (Project not

yet approved)


Related OWASP Projects: OWASP AntiSamy Java Project, OWASP Enterprise

Security API (ESAPI) Project





Dag Hovland

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20090526/e495c253/attachment-0001.html 

More information about the Global-projects-committee mailing list