[Global_education_committee] Iberic Collaboration Project

kuai hinojosa kuai.hinojosa at owasp.org
Mon Mar 9 22:13:04 EDT 2009


The Global Edu Committee is aware of the value the academic community  
has to offer and in fact I have been working on such initiative. I am  
pleased to announce that University of California, Irvine just became  
a member as a result of having presented about OWASP resources at the  
last JA-SIG conference (Higher Learning and Open Source conference).  
UCI expressed how much value OWASP has to offer to their institution  
and decided they wanted to join us and send a message by becoming a  
member.  It is important that we not only create an event where to  
share our mission and goals but we also need to find university events  
where OWASP can participate, I have found this to be very productive.   
The academic community is less aware of application security problems,  
universities need to be open for research and learning and therefore  
they lack strict security measures, they tend to focus their efforts  
in the network layer, and the functionality of applications leaving  
the application layer vulnerable to attacks. Yet, most universities  
are highly dependent of the web, most are quickly deploying single  
sign on systems and moving all their critical systems to the web  
(Registration Systems, HR, Pay roll, IdM, Learning Management  
Systems). This is why we need to target computer science departments  
and C.S. programming events, "preach" the OWASP gospel there.  
Concentrating in just Information Security University programs,  
Schools or events will not be as effective. I believe that in order to  
successfully gain the support of the academic community we need to  
continue to inform the regular C.S. Professor, CITO faculty and staff.  
Believe me, I have learned this the hard way.

All the ideas and initiatives mentioned below are great and we have  
thought of most of them, we in the Global Education Committee are  
working hard in such initiatives (please see http://www.owasp.org/index.php/Global_Education_Committee) 
. However, it is a lot of work and even though we have 8 selected  
members in the committee we can use some help, you do not need to be a  
nominated member of the committee in order to help us. I suggest you  
check the SMART initiatives we created in the wiki, contact the owner  
of the initiative and offer to help. I don't think we'll refuse help  
at this point. I recommend we start by selecting at least 5  
Universities by your region, identify any relevant C.S. event in which  
OWASP can participate. For example, Vicente could select a few  
universities in Spain He feels could add value to our community and  
vice-versa, identify an event or even a class in which Vicente or any  
OWASP member could participate, establish key contacts is also  
important contacting the University's Sys Admin may not get you as  
much support as contacting the dean of the Computer Science department  
or the Director of their security group.

I am willing to work with you Fabio, Vicente and Carlos,  I can share  
my experiences and strategy. Let's plan on establishing a Skype call  
and discuss this further, what do you think?

Regards,

Kuai Hinojosa



On Mar 9, 2009, at 8:41 PM, Vicente Aguilera wrote:

> Hi all,
>
> On Mon, Mar 9, 2009 at 11:42 PM, Carlos Serrao <carlos.j.serrao at gmail.com 
> > wrote:
> Hi Paulo and Fabio,
>
> On 2009/03/09, at 15:15, fabio.e.cerullo at aib.ie wrote:
>
>>
>> Hi Paulo,
>>
>> What Carlos is suggesting is more like an academia type of event...  
>> he wants to generate collaboration between the universities in  
>> Spain and Portugal through an information security event...it could  
>> definitely include the OWASP organization as a promoter/supporter  
>> but the main scope here are students/professors from those  
>> universities.
>
> For me, and mostly motivated by my (more) academic background, it is  
> of most importance to have an event that mix the scientific and  
> academic community and the most commercial community.
>
>
> I agree with Carlos. I consider essential the fact to attract people  
> both from academia and industry to promote OWASP and our projects,  
> and to start a solid foundation that enables us to grow with  
> guarantees.
>
>
>
>
> For me, this model, is the one that involves the following steps:
>
>
> I will add the following points:
>
> 0. Define the date of the event
> 0.1 Define orientative topics for the conferences
> 0.2 Consider offer practical sessions in parallel with the conference
> 0.3 Estimate the number and profile of attendees
> 0.4 Analyze requirements (logistics, marketing)
> 0.5 Sponsors survey (decide if the event is free)
>
>
> 1. the creation of a Call for Papers, open both the academia and the  
> industry (it would be super to have papers that mix both worlds);
> 2. the creation of a conference commitee composed of persons from  
> the academic world and the industry world - this involves selecting  
> the right persons and making invitations;
> 3. define the dates for person to submit papers - three type of  
> papers (full papers, short papers and posters);
> 4. the conference can have also specific workshops on selected  
> relevant topics;
> 5. the commitee has to review and select the best papers and  
> presenters for the conference;
> 6. the accepted authors are notified and the authors have to submit  
> the final version of the paper;
>
>
> 6.1 Once we know the agenda, promote the event in local specialized  
> media in the IT sector
>
>
> 7. contact some relevant editors (IEEE, Springer, ACM, etc) to edit  
> the conference proceedings (a book that contains all the papers that  
> are accepted and presented on the conference);
> 8. people to chair the differenre sessions.
>
> This is a model that can give more credibility to the conference,  
> specially for the academic community. I think OWASP can gain much by  
> having this model of conference has well.
>
>>
>> Vicente from OWASP Spain Chapter is willing to help with the  
>> organization for this year in Madrid and Carlos is willing to do it  
>> next year in Portugal.
>
> Yes, it is true. We just need to setup the dates...
>
>
>
> For me, it will be a pleasure to collaborate in organizing this  
> event in Madrid.
>
>
>
>>
>> so I honestly don't know if it will clash with the OWASP summit in  
>> 2010 as this event could be handled separately...
>
> We may study the best fit for this conference and the next summit.  
> We may also consider that perhaps this Iberic conference is  
> something that is more oriented for iberic people - this depends, I  
> know...
>
>
> I consider independents the two events. I also believe that this  
> event has a more local scope.
>
>
>
> There is quite a huge amount of work to do. If we want to make this  
> happen, we need to setup the dates as soon as possible.
>
>
> Yes! if we do this event I think we should start to move and set a  
> date.
>
> Regards,
> -- 
> _________________________________
> Vicente Aguilera Diaz
> OWASP Spain chapter leader
> CISA, CISSP, ITIL
> CEH Instructor, ECSP Instructor, OPSA, OPST
> vicente.aguilera at owasp.org
> Homepage: http://www.owasp.org/index.php/Spain
> Mailing list: http://lists.owasp.org/mailman/listinfo/owasp-spain
> PGP: 0xD21C1EF8 - D1F0 E0B5 2ACC B4B5 57CD  C427 58B7 CF0D D21C 1EF8
> _________________________________
>
>
>
>
>>
>> any thoughts?
>>
>> Fabio Cerullo
>> Divisional Information Security
>> Bankcentre D1,
>> Ballsbridge,
>> Dublin 4,
>> Ireland.
>>
>> Tel: +353 1 772 6309
>> Email: fabio.e.cerullo at aib.ie
>>
>>
>>
>> Carlos Serrao <carlos.j.serrao at gmail.com>
>> 05/03/2009 17:37
>>
>>
>>         To:        <paulo.coimbra at owasp.org>
>>         cc:        <fabio.e.cerullo at aib.ie>, <vicente.aguilera at owasp.org 
>> >, "'OWASP Foundation Board List'" <owasp-board at lists.owasp.org>, <global_tools_and_project_committee at lists.owasp.org 
>> >, <global_conference_committee at lists.owasp.org>
>>         Subject:        Re: Iberic Collaboration Project
>>
>>
>>
>>
>> Hi Paulo and all,
>> we were not aware of that... sorry. At least I was not!
>>
>> What do you foresee as reasonable date to organize such Iberic  
>> event? Before or after this Summit? Where the Summit will take  
>> place this time?
>>
>> Kind regards,
>>
>> On 2009/03/05, at 17:34, Paulo Coimbra wrote:
>>
>> Hello Fabio,
>>
>> I thank both your updated and the OWASP Iberic Project proposal  
>> which I am forwarding to OWASP Board, Project’s Committee and  
>> Conference’s Committee.
>>
>> As my first comment, as you are proposing to have the first  
>> conference in Madrid in late 2009, I would say we must pay  
>> attention to the fact we are planning the next Summit to January  
>> 2010.
>>
>> Many thanks, best regards,
>>
>> Paulo Coimbra,
>> OWASP Project Manager
>>
>> From: fabio.e.cerullo at aib.ie [mailto:fabio.e.cerullo at aib.ie]
>> Sent: quinta-feira, 5 de Março de 2009 10:39
>> To: paulo.coimbra at owasp.org
>> Cc: seba at owasp.org
>> Subject: Fw: Iberic Collaboration Project
>>
>>
>> Hi Paulo,
>>
>> please find below some notes from our first meeting between Vicente  
>> (Spain) and Carlos (Portugal).
>>
>> the main idea at the moment is to organize a conference in Madrid  
>> later in 2009.
>>
>> the next meeting is scheduled for next wednesday at 19.30.
>>
>> if you have any questions, please let me know.
>>
>> thank you,
>>
>> cc. Seba.
>>
>> Fabio Cerullo
>> Divisional Information Security
>> Bankcentre D1,
>> Ballsbridge,
>> Dublin 4,
>> Ireland.
>>
>> Tel: +353 1 772 6309
>> Email: fabio.e.cerullo at aib.ie
>>
>> ----- Forwarded by Fabio E Cerullo/IR/AIB on 05/03/2009 10:23 -----
>> Carlos Serrao <carlos.serrao at iscte.pt>
>> Sent by: Carlos Serrao <carlos.j.serrao at gmail.com>
>> 05/03/2009 02:19
>>
>>
>>        To:        Vicente Aguilera <vicente.aguilera at owasp.org>,fabio.e.cerullo at aib.ie
>>        cc:
>>        Subject:        Some notes....
>>
>>
>>
>>
>>
>> Hi all,
>> just some notes from our meeting and some extra ideas abou the  
>> conference.
>>
>> Best regards,
>> Carlos Serrão, Ph.D., M.Sc.: ISCTE/DCTI Assistant Professor |  
>> NetMuST/Adetti Researcher - website - blog -allofads.com
>> contacts | carlos.serrao at iscte.pt, carlos.j.serrao at gmail.com skype  
>> | pontocom msn |pontocom73 at hotmail.com | linkedin
>>
>> ******************************************************
>> This document is strictly confidential and is intended for use by  
>> the addressee unless otherwise indicated.
>>
>> This email has been scanned by an external email security system.
>>
>> Allied Irish Banks
>>
>> AIB and AIB Group are registered business names of Allied Irish  
>> Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the  
>> Financial Regulator.  Registered Office: Bankcentre, Ballsbridge,  
>> Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered  
>> No. 24173
>>
>> Please consider the environment before printing this e-mail.
>> ******************************************************
>> <OWASP Iberic Project.docx>
>>
>> -- 
>> Carlos Serrão
>> http://www.carlosserrao.net | http://blog.carlosserrao.net | http://www.netmust.eu
>>
>> ******************************************************
>> This document is strictly confidential and is intended for use by  
>> the addressee unless otherwise indicated.
>>
>> This email has been scanned by an external email security system.
>>
>> Allied Irish Banks
>>
>> AIB and AIB Group are registered business names of Allied Irish  
>> Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the  
>> Financial Regulator.  Registered Office: Bankcentre, Ballsbridge,  
>> Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered  
>> No. 24173
>>
>> Please consider the environment before printing this e-mail.
>> ******************************************************
>
> --
> Carlos Serrão
> http://www.carlosserrao.net | http://blog.carlosserrao.net | http://www.netmust.eu
>
>
>
>
> _______________________________________________
> Global_education_committee mailing list
> Global_education_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_education_committee

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_education_committee/attachments/20090309/3b3fb646/attachment-0001.html 


More information about the Global_education_committee mailing list