Software Security/Group 4/Wanted Documentation

Uit Werkplaats
< Software Security‎ | Group 4
Versie door Ilian van der Velden (overleg | bijdragen) op 8 jun 2011 om 15:13 (Documentation Wanted: typofix)
(wijz) ← Oudere versie | Huidige versie (wijz) | Nieuwere versie → (wijz)
Ga naar: navigatie, zoeken

Documentation Provided

Documentation Wanted

  • General Design Document of the phpBB application describing the overall technical structure of the application.
  • General Security Document with:
    • Security Requirements Document with a list of the stakeholders and a risk assessment
    • A document describing the processes used to guarantee the security in phpBB
    • An overview of all user-submitted data
    • Data validation techniques
    • Authentication and Session Management
  • Test Document describing the tests applied to the application
  • A document describing the appropriate server settings. For example:
    • Apache (or other web servers) settings
    • PHP settings and flags
    • TLS/SSL settings to use
    • Default HTTP headers
    • Documentation on which scripts should be made publicly accessible by the web server and which script should not.