[OWASP-Bangalore] Security framework for different layers of web application

Archana Vakkaleri Muralidharan Archana_VM at infosys.com
Fri Dec 21 17:23:46 UTC 2012


Sure Aditya. I shall read the suggested book.

Kind Regards,
Archana

From: owasp-bangalore-bounces at lists.owasp.org [mailto:owasp-bangalore-bounces at lists.owasp.org] On Behalf Of aditya
Sent: Friday, December 21, 2012 6:16 PM
To: OWASP Bangalore Mailing List
Subject: Re: [OWASP-Bangalore] Security framework for different layers of web application

Hello Archana,

If you need to understand the good in depth basics of Confidentiality, Integrity, Availability, Authentication, Authorization, Accountability, Non-repudiation , I suggest you go about reading CISSP Shon Harris AIO. Its good.
On Fri, Dec 21, 2012 at 10:01 AM, Archana Vakkaleri Muralidharan <Archana_VM at infosys.com<mailto:Archana_VM at infosys.com>> wrote:
Hi All,
                We are in the process of arriving at the Security best practices or Security framework containing view per paradigm (Web, intranet, extranet) for the different areas of Web Application i.e. UI layer, Database layer, Business layer, Services layer, Transport across layers . The different categories that are targeted in Security framework are Confidentiality, Integrity, Availability, Authentication, Authorization, Accountability, Non-repudiation .

                There are a lot of material available for Secure SDLC practices but little on the above topic. Any pointers will be of great help. Thanks in advance!

Kind Regards,
Archana


**************** CAUTION - Disclaimer *****************

This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely

for the use of the addressee(s). If you are not the intended recipient, please

notify the sender by e-mail and delete the original message. Further, you are not

to copy, disclose, or distribute this e-mail or its contents to any other person and

any such actions are unlawful. This e-mail may contain viruses. Infosys has taken

every reasonable precaution to minimize this risk, but is not liable for any damage

you may sustain as a result of any virus in this e-mail. You should carry out your

own virus checks before opening the e-mail or attachment. Infosys reserves the

right to monitor and review the content of all messages sent to or from this e-mail

address. Messages sent to or from this e-mail address may be stored on the

Infosys e-mail system.

***INFOSYS******** End of Disclaimer ********INFOSYS***


_______________________________________________
OWASP-Bangalore mailing list
OWASP-Bangalore at lists.owasp.org<mailto:OWASP-Bangalore at lists.owasp.org>
https://lists.owasp.org/mailman/listinfo/owasp-bangalore



--
Regards
Aditya Balapure

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-bangalore/attachments/20121221/a79dfcbd/attachment.html>


More information about the OWASP-Bangalore mailing list