SoftwareSecurity2013/Group 5

Uit Werkplaats
< SoftwareSecurity2013
Versie door Erik Poll (overleg | bijdragen) op 21 mrt 2014 om 16:11
(wijz) ← Oudere versie | Huidige versie (wijz) | Nieuwere versie → (wijz)
Ga naar: navigatie, zoeken

Group nr. 5

Group members:

  • Krzysztof Okupski (TU/e)
  • Rafael Boix Carpi (TU/e)
  • Eduardo Novella Lorente (RU)


Topic: Verification Requirements V3: Session Management, V10: Communication Security and V11: HTTP Security for MediaWiki

Deliverables

The log should be a chronological list of who has been doing what, with dates.
Also useful to document decisions on who will be doing what, and by when.
This should discuss the results of the code scanning, for the Verfication Requirements your group is looking at.
Describe your impressions about the tools, in capabilities, limitations, etc.
Also, did you learn anything about specific security vulnerabilities from using them?

Level2B evaluation

This should give your verdict for each requirement (Pass/Fail/Don't know) with motivation, and an indication of what you did to reach this verdict.
Reflect on the whole process of doing a code review, or "Application Security Verification", in the way you did.