[OWASP-GUIDE] White paper: Authentication and Session Management on the Web
Paul Johnston
paul at westpoint.ltd.uk
Wed Feb 9 06:13:29 EST 2005
Hi,
You may be interested in this paper I've written:
http://www.westpoint.ltd.uk/advisories/Paul_Johnston_GSEC.pdf
The first ten pages or so are probably less interesting to readers of
this list, but the latter part covers in detail all the attacks such as
session fixation, CSRF, etc.
Any constructive discussion is welcomed!
Paul
--
Paul Johnston, GSEC
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street,
Manchester, M1 5LN
England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: paul at westpoint.ltd.uk
web: www.westpoint.ltd.uk