[Owasp-sydney] Secure Design Patterns?

Christian Heinrich christian.heinrich at owasp.org
Sat Oct 23 20:08:15 EDT 2010


On Tue, Oct 19, 2010 at 12:50 PM, NG, Paul (GE Capital, Non-GE)
<paul.ng1 at ge.com> wrote:
> Was wondering if there's some sort of Secure Design Patterns (that parallels
> design patterns in OO methodologies) out there? For what i'm exposed to at
> the momenet is that i'm seeing lots of recommendations, best practices but
> not a 'framework'. I mean would view this as a pre-step to implementing
> ESAPI? Sorry if i sound too presumptious but your views on this concept
> would be most appreciated. :-). Thanks!

The most relevant to ESAPI would be
http://www.owasp.org/images/8/82/Esapi-design-patterns.pdf but there
is also http://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project

Christian Heinrich

More information about the Owasp-sydney mailing list