stargeek


A Guide to Building Secure Web Applications and Web Services







08/11/2002 10:09 AM

As a serious PHP hacker, writing secure apps should be high on your list of priorities. This document (PDF) sets out to describe technical components, people processes and management issues that are needed to design, build and maintain a secure web application. It is a *must read* for all web developers.









Similar Items


Grok Headline matches for A Guide to Building Secure Web Applications and Web Services

A Guide to Building Secure Web Applications version 1.1
09/25/2002 10:16 PM
We all use web applications everyday whether we consciously know it or not. That is, all of us who browse the web. The ubiquity of web applications is not always apparent to the everyday web user. When one visits cnn.com and the site automagically knows you are a US resident and serves you US news and local weather, it's all because of a web application. When you transfer money, search for a flight, check out arrival times or even the latest sports scores online, you are using a web application. Web Applications and Web Services (inter-web applications) are what drive the current iteration of the web and are evolving to serve new platforms and new devices with an ever-expanding array of information and services.

The last two years have seen a significant surge in the number of web-application-specific vulnerabilities that are disclosed to the public. No web application technology has shown itself invulnerable, and discoveries are made every day that affect both owners' and users' security and privacy.

Security professionals have traditionally focused on network and operating system security. Assessment services have relied heavily on automated tools to help find holes in those layers. Today's needs are different, and different tools are needed. Despite this, the basic tenets of security design have not changed. This document is an attempt to reconcile the lessons learned in past decades with the unique challenges that the web provides.

While this document doesn't provide a silver bullet to cure all the ills, we hope it goes a long way in taking the first step towards helping people understand the inherent problems in web applications and build more secure web applications and Web Services in the future. -- OWASP team


Building Applications with POE 07/23/2004 06:32 PM
In Matt Cashner's second article on POE, he describes how to fit together POE's components into event-driven applications.

Building Web applications with JDK 1.4.2 12/02/2003 03:03 AM
CNET Dec 2 2003 1:47AM ET

Devise secure ASP.NET applications 03/21/2003 02:24 AM
CNET Mar 21 2003 1:24AM ET

Learn to secure your ASP.NET applications
07/08/2002 10:50 PM
CNET Jul 8 2002 10:13PM ET

Building Metadata Applications with RDF 02/12/2003 07:46 PM
After some time wondering what to do with RDF, Bob DuCharme found RDFlib, a Python RDF processing library, and "the lightbulb finally went on." Bob describes his experiences.

A Primer for Building Flex Applications 08/22/2004 09:08 PM
Learn how the class library manifests in MXML and other useful tips for building Flex apps.

Building PHP Applications With Macromedia Dreamweaver MX
12/18/2002 02:10 PM
Looking for a RAD tool to help you quickly and efficiently develop PHP-based Web applications? Or just new to PHP and MySQL in general? You might want to spend some time with Dreamweaver MX, Macromedia's latest revision of their venerable HTML editor, which comes with some nifty new ideas designed to minimize hand-coding of PHP scripts.

Building Applications with AppleScript and FaceSpan
04/13/2004 09:06 PM
AppleScript is primarily a scripting language; it is intended to let the user communicate with existing applications. Still, having developed a scripting solution with AppleScript, a user might naturally wish to wrap a standard application interface around it. So, how can a user take advantage of AppleScript in order to write a stand-alone application?

Secure Mobile Access to Business Applications
03/25/2005 09:18 PM
Technology News Daily Mar 26 2005 2:06AM GMT

Building Applications with the Linux Standard Base
12/22/2004 01:40 AM
Slashdot Dec 21 2004 12:38AM GMT

Building Intelligent, Rule-Based Applications?
06/17/2005 03:39 PM
Slashdot Jun 16 2005 11:41AM GMT

InfoWorld SOA Executive Forum: Building applications on the SOA platform
04/18/2005 10:06 AM
The title of my second panel at the upcoming SOA Forum is "Building applications on the SOA platform." I'll be joined on May 5 by Tim Ewald (Mindreef), Edwin Khodabakchian (Oracle), John Shewchuk (Microsoft), and Annrai O'Toole (Cape Clear). (On May 17, it'll be Microsoft's Dino Chiesa instead of John Shewchuk.) Here are a few examples of the kinds of questions I'd like this panel to address: ...

Building Enterprise Applications with Flex and Flash Communication Server
12/22/2004 01:47 AM
Build a sample application in Flex that uses shared remote objects in Flash Communication Server.

Guide to DIY site building 01/20/2003 12:33 PM
By RICHARD WOOD. The Google search engine became a close friend in my challenge to build websites for free. Searching the internet ...

A Guide for Secure Web Apps from OWASP 09/26/2002 08:39 AM

Secure XP - A Windows XP Security Guide v1.0.0
01/04/2005 11:30 AM

Advanced System Building Guide 03/22/2005 07:17 PM

O'Reilly Releases "SSH, The Secure Shell: The Definitive Guide, Second Edition"
06/17/2005 03:37 PM

ADVISORY/Trusted Computing Group Community to Demonstrate Key Building Blocks and Applications at Intel Develo
04/07/2005 03:26 AM
Business Wire India via Hindustan Times Apr 7 2005 8:05AM GMT

FiveSight Announces PXE: Affordable BPEL Implementation Reduces Complexity & Cost Of Building Connected Applications
07/08/2004 02:06 AM
FiveSight Technologies, Inc, a software technology company delivering standards-based business process execution infrastructure products to enterprise customers and software vendors, today announced PXE (Process eXecution Engine) at the JavaOne conference in San Francisco. PXE is a BPEL (Business Process Execution Language) implementation designed for software developers and architects who need a non-proprietary, widely-available foundation for building connected applications. [PRWEB Jul 8, 2004]

Solution Guide for Migrating High Performance Computing (HPC) Applications from UNIX to Windows
01/03/2004 05:59 AM
This guide is designed to provide process and technical guidance to help you migrate your existing HPC applications from UNIX to Microsoft® Windows®, as well as set up the required HPC infrastructure (including hardware, network connectivity, and software tools) to run those applications on Windows. It will help you choose the optimal HPC system architecture for your business, and once you have made that choice, it provides detailed guidance for you to plan, migrate, deploy, and operate your HPC system. The guide can also be used to create a Windows-based HPC application and HPC infrastructure from scratch, without migrating from a UNIX environment, although this use is not its primary purpose. This guide discusses the planning and implementation of four types of HPC systems on Windows. These are symmetric multiprocessing (SMP), massively parallel multiprocessing (MPP), a network of workstations (NOW), and Web service-load balanced systems (WS-LB).

Integrating XML Web Services With VB6 Applications
04/16/2004 10:27 PM
DDJ Apr 17 2004 1:24AM GMT

Building Pipelines with Web Services 03/11/2003 09:44 AM
So on this day last year, I was excitedly thinking about pipelining web services together like commands in a UNIX command line shell...

Building PHP Web services with PEAR 02/16/2004 11:54 AM
PHP -- short for PHP Hypertext Preprocessor -- was, along with Perl, one of the frontrunners in server-side programming long before any JSP/Servlet or ASP technology came to be. It is often the language of choice for those using Apache's Web server, which runs almost 70% of sites on the Web. Due to its pervasiveness, it seems obvious that it should support the most recent standards, such as SOAP, which are also adopted by major technology vendors. In this article, we will describe how Web services can be implemented in PHP.

Building Web services with the Google API
06/12/2002 06:22 AM
10 Jun 2002: The Google search engine can now be accessed via a SOAP-based Web service. This means that developers can now embed Google search results and other information into their own applications. Google also took this project one step further, creating an API and Java toolkit for accessing the data. This tutorial is for developers who want to use Google information from within their Java applications.

Secure Web Based Mail Services 06/23/2004 12:23 PM

DevChannel: Building PHP Web services with PEAR
02/19/2004 10:09 AM
"Web services" is quite a hot buzzword these days, but few people really understand the power behind these simple connections between machines. Web services have evolved into much more than a simple exchange of data, and this new piece will help you get started.

BECi launches wireless applications services
08/17/2004 06:48 PM
Bangkok Post Aug 17 2004 11:15PM GMT

Oracle Buys Oblix to Secure Web Services 03/28/2005 06:57 PM

Yes, you can secure your Web services documents, Part 2 (JavaWorld.com)
10/15/2002 07:15 AM

Guide to Web Services 11/13/2003 03:01 AM
CNET Nov 13 2003 2:07AM ET

Industry giants rapidly building new download services
09/26/2004 11:23 AM

A series of moves by digital media giants suggest further developments in the growing world of music downloading. Sony decided to allow music files in the popular MP3 format to be played in its devices, a change from its policy restricting usage only to its own Atrac format.

At the same time, Yahoo and Microsoft are exploring using instant message applications to support copyright-clear music file sharing. Both companies recently entered the music downloading market.

American colleges are increasingly turning to such download services as an alternative to copyright problems with peer-to-peer filesharing.


Cognos and Macromedia combine Web Services with Rich Internet Applications
08/20/2002 06:49 PM
IDGNet New Zealand Aug 20 2002 4:06PM ET

MSDN TV: Developing Applications Using SQL Server 2000 Reporting Services
05/07/2004 10:46 AM
This episode provides an overview of Reporting Services and shows how to add reports to your applications, including how to design reports using Report Designer, call SOAP methods using Visual Studio.NET 2003 against the Report Server Web service, and integrate reports into Win Forms applications.

A Beginner's Guide to Web Services 07/19/2004 01:31 AM
Create and consume your very first web service with ColdFusion and Flash.

Cameraphone services guide 01/23/2004 02:18 PM
CNET guide to the different cameraphone services offered by each cellular carrier (except for Nextel, which doesn't offer a cameraphone - yet). Read [Via Reiter's...

Developer's Guide to Web Services 11/18/2003 02:28 AM
CNET Nov 18 2003 1:58AM ET

Step-by-Step Guide for Setting Up Secure Wireless Access in a Test Lab
04/15/2004 11:47 AM
This white paper describes how to configure secure wireless access using IEEE 802.1X authentication using Protected Extensible Authentication Protocol-Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MS-CHAP v2) and Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) in a test lab using a wireless access point (AP) and four computers. Of the four computers, one is a wireless client, one is a domain controller, certification authority (CA), and Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) server, one is a Web and file server, and one is an Internet Authentication Service (IAS) server that is acting as a Remote Authentication Dial-in User Service (RADIUS) server.