[Owasp-sanantonio] OWASP Meeting Tomorrow - Final notice

Dan Cornell dan at denimgroup.com
Tue May 23 12:11:43 EDT 2006


All:

This is the last reminder that tomorrow is the May meeting of the San
Antonio chapter of OWASP.  See below for more information - hope to see
you all there!

Thanks,

Dan

==============================

San Antonio OWASP Chapter: May 2006 Meeting
Topic: How to Prevent Forceful Browsing
Presenter: Dan Ross of PIC Business Systems
Date: Wednesday May 24th, 2006 11:30am - 1:00pm
Location:
San Antonio Technology Center (Web Room)
3463 Magic Drive
San Antonio, TX 78229
http://maps.google.com/maps?f=q&hl=en&q=3463+Magic+Drive,+San+Antonio,+T
X+78229

Abstract:
By Forceful Browsing, clients may be able to access pages which should
be forbidden. A technique for preventing forceful browsing is
introduced. With this technique, you may be assured that clients may
only visit pages for which links have been presented.

Granularity may be adjusted for an entire page, as well as for specific
page parameters. For example, you may prevent a user from deleting
customers altogether, or you may permit a user to delete customer #1,
but not customer #2. In addition, a notification system can alert you
when users are forceful browsing.

The implementation will be presented using PHP.

Presenter Bio:
Dan Ross has been VP Engineering for 17 years at PIC Business Systems,
which provides integrated business software for the Window Coverings and
Apparel Industries. He has led the design, development, and maintenance
of many commercial web applications and programs. He has a BS in
Industrial Engineering from St. Mary's University in San Antonio.

Sodas and snacks will be provided. Feel free to bring a brown-bag lunch.

Please RSVP: E-mail owasprsvp _at_ denimgroup _dot_ com or call (210)
572-4400.




More information about the Owasp-sanantonio mailing list