[OWASP-Bangalore] Security framework for different layers of web application
Archana Vakkaleri Muralidharan
Archana_VM at infosys.com
Fri Dec 21 17:23:46 UTC 2012
Sure Aditya. I shall read the suggested book.
From: owasp-bangalore-bounces at lists.owasp.org [mailto:owasp-bangalore-bounces at lists.owasp.org] On Behalf Of aditya
Sent: Friday, December 21, 2012 6:16 PM
To: OWASP Bangalore Mailing List
Subject: Re: [OWASP-Bangalore] Security framework for different layers of web application
If you need to understand the good in depth basics of Confidentiality, Integrity, Availability, Authentication, Authorization, Accountability, Non-repudiation , I suggest you go about reading CISSP Shon Harris AIO. Its good.
On Fri, Dec 21, 2012 at 10:01 AM, Archana Vakkaleri Muralidharan <Archana_VM at infosys.com<mailto:Archana_VM at infosys.com>> wrote:
We are in the process of arriving at the Security best practices or Security framework containing view per paradigm (Web, intranet, extranet) for the different areas of Web Application i.e. UI layer, Database layer, Business layer, Services layer, Transport across layers . The different categories that are targeted in Security framework are Confidentiality, Integrity, Availability, Authentication, Authorization, Accountability, Non-repudiation .
There are a lot of material available for Secure SDLC practices but little on the above topic. Any pointers will be of great help. Thanks in advance!
**************** CAUTION - Disclaimer *****************
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely
for the use of the addressee(s). If you are not the intended recipient, please
notify the sender by e-mail and delete the original message. Further, you are not
to copy, disclose, or distribute this e-mail or its contents to any other person and
any such actions are unlawful. This e-mail may contain viruses. Infosys has taken
every reasonable precaution to minimize this risk, but is not liable for any damage
you may sustain as a result of any virus in this e-mail. You should carry out your
own virus checks before opening the e-mail or attachment. Infosys reserves the
right to monitor and review the content of all messages sent to or from this e-mail
address. Messages sent to or from this e-mail address may be stored on the
Infosys e-mail system.
***INFOSYS******** End of Disclaimer ********INFOSYS***
OWASP-Bangalore mailing list
OWASP-Bangalore at lists.owasp.org<mailto:OWASP-Bangalore at lists.owasp.org>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Bangalore