[Owasp-access-control-rules-tester-project] Access Control project 50% delivery delayed by 3 days
petand at lvk.cs.msu.su
Mon Jun 30 04:50:14 EDT 2008
Good day, everyone!
I hope you have reached the 50% review in good mood and health.
According to the schedule, I am to post report about ongoing work by the
29th of June.
However, I am requesting a three day delay. I am going to post the
current results by the evening of 2nd of July.
These results include:
- technical paper with taxonomy of web application vulnerabilities, with
reasoning about business logic flaws and with the formal problem
statement regarding access control testing;
- overview of the tool architecture, what components are going to be
used and why;
- the Spider module of the tool, which is based on the WebScarab Spider
submitting web forms according to user-filled configs.
Now all these parts are undergoing the phase of tuning.
I hope these three days of delay will not matter much.
Sorry for any inconvinience,
More information about the Owasp-access-control-rules-tester-project