[Owasp-leaders] OWASP Access Management Policy

Larry Conklin larry.conklin at owasp.org
Thu Nov 10 19:52:35 UTC 2016


Elizabeth
Who came up with this rule?....and why is it necessary?...Does sound like
an open organization to me. Is this a world-wide rule?
*For the on-site events attendance, OWASP members and non-members may be
asked to present their state issued photo identification card (passport,
driver license, e.g.).*

Larry

On Thu, Nov 10, 2016 at 10:16 AM, Elizabeth Belousov <
elizabeth.belousov at owasp.org> wrote:

> It was a long overdue on my part. Last night at NY chapter meeting the
> topic was brought up to the discussion, which spurred me to think of OWASP
> Top 10 Compliance.
>
> Below:
>
> -- The background of the proposal
>
> -- OWASP Access Management Policy
> <https://drive.google.com/a/owasp.org/file/d/0B2w4JBsaD0LFTDYzSlk2WFNnelk/view?usp=sharing>
> (also linked via Google drive)
>
> *****************************
>
> Dear OWASP leaders:
>
>
>
> I’m writing you to solicit your feedback about the OWASP Access Management
> Policy that I recommend for adoption.
>
>
>
> Background. Earlier this year, there were several graphic violence/hatred
> content incidents on NY/NJ Meetup page. In order to monitor OWASP social
> media pages for inappropriate profile images, I proposed adopting the OWASP
> access management policy that would allow profile reconciliation based on
> the truthful information provided by OWASP followers and members.
>
>
>
> The access management policy would allow to:
>
>
>
> - Minimize or eliminate the presence of synthetic or anonymous OWASP
> followers;
>
> - Facilitate to physical access according to security standards of the
> hosting sites;
>
> - Drive meeting attendance by collaborating with real people.
>
>
>
> Looking forward to your feedback!
>
>
> *****************************
> Regards,
>
> *Liz Belousov*
> NYC chapter Volunteer* | *OWASP Foundation
>
>
>
> *OWASP Access Management Policy*
>
>
>
> The OWASP members or non-members that would like to participate in the
> OWASP chapter activities (events, webinars, onsite and online forums [e.g.
> by posting comments]) must use their real identities: first name, last
> name, and an image that corresponds to that identity [a headshot image].
>
>
>
> For the on-site events attendance, OWASP members and non-members may be
> asked to present their state issued photo identification card (passport,
> driver license, e.g.).
>
>
>
> The OWASP local chapters reserve a right to exclude from event
> registration and consequently the onsite or online participation those
> individuals who do not comply with the OWASP Access Management requirement.
>
>
>
> The OWASP maintains privacy of chapter members and meeting attendees
> according to the Mandatory Chapter Rules (cited below).
>
>
>
> [“The privacy of chapter members and meeting attendees should be protected
> at all times. You should not disclose names, email addresses, or other
> identifying information about OWASP members or meeting attendees. Only
> aggregate statistics can be referenced. Sponsors should not have access to
> member lists; however, they may ask attendees to share contact information
> voluntarily, for example via submitting business cards voluntarily for a
> raffle.”]
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20161110/db8de903/attachment.html>


More information about the OWASP-Leaders mailing list