European Roadmap for Research on Web Security

The European Commission, in the context of its “Digital Agenda for Europe”, is organizing a conference on cybersecurity. Registration closes Monday May 25. From the conference pages: This event […] will be devoted to trust and security in the digital world. Gunther Oettinger, Commissioner for Digital Economy and Society, will open the...

STREWS published its Second Case Study on Web Security Architecture:   Case study 2 Report: Web Security Architecture [PDF] The Open Web Platform is already transforming the Web again. More functionality on the Web increases the attacking surface. From a document driven Web, we are heading towards an action-driven Web. This also includes the...

The United States Computer Emergency Readiness Team (US-CERT) normally puts out alerts about security failures in individual software systems, but this time decided to publish an article about Man-In-The-Middle (MITM) attacks in general and four existing mitigation strategies. After a brief introduction to MITM attacks, it recommends...

The Web Application Security Working Group has published a Working Draft of Credential Management Level 1. This specification describes an imperative API enabling a website to request a user’s credentials from a user agent, and to help the user agent correctly store user credentials for future use. Learn more about the Security Activity.

Today the Web Payments Interest Group published a first draft of Web Payments Use Cases. The current payment landscape is changing rapidly, offering new opportunities for greater security, improved usability on mobile, and payment innovations in areas like digital wallets and cryptocurrencies. The lack of open standards for integrating the...

The IAB and ISOC invite papers for a workhop on large-scale, coordinated responses to security attacks. The workshop is called CARIS (Coordinating Attack Response at Internet Scale) and will be held in Berlin (Germany) on June 19, co-located with the FIRST Conference. See the IAB site for information about the workshop and instructions for...

When the STREWS project started, in October 2012, the plan included a workshop for early 2014 about WebRTC. The workshop would be a complement to the project's first case study. But in June 2013, something happened. Edward Snowden, an NSA employee at the time, talked to the Guardian newspaper and revealed details of the secret electronic...

==================================================== 15TH INTERNATIONAL SCHOOL ON FOUNDATIONS OF SECURITY ANALYSIS AND DESIGN FOSAD 2015 ==================================================== http://www.sti.uniurb.it/events/fosad15 31 August - 5 September 2015, Bertinoro, Italy In cooperation with NESSoS and CryptoForma *** Application...

August 19, 2014 | | www.owasp.org | Contact Us | Brought to you by the OWASP Foundation Featured OWASP ProjectOWASP Web Spa Project The OWASP WebSpa Project is a Java web knocking tool for sending a single HTTP/S request to your web server in order to authorize the execution of a premeditated Operating System (O/S)...

(From Daniel Cuthbert) OWASP Community, It gives me immense pleasure to finally release version 2 of the OWASP Application Security Verification Standard for all to enjoy. The community feedback on this has been overwhelming and it's great to see so many of you investing time and effort into what Sahba and I feel is an incredibly...

OWASP AppSec USA 2014 Adds Leading Global Experts to List of Speakers Are you registered for the upcoming OWASP conference? We are excited to be getting closer to the OWASP AppSec USA event and we have now announced our roster of keynote speakers.  The premier software security conference for developers, auditors, risk managers,...

Maa chi, maa ha, maa jo, OWASP Community, eti sen? The OWASP Ghana Cybersecurity Conference will take place in Accra, Ghana this December for the second year in a row! The event dates are December 10 - 11, 2014. It amazes me that there are so many places on planet earth where OWASP is active in some way. If you are interested in speaking at this...

Just a reminder that this FRIDAY, AUGUST 15 is the DEADLINE to submit your candidacy for the 2014 OWASP Global Board Of Directors.  For Information including eligibility requirements, primary responsibilities, election timeline and other important information, please visit our election page.  ...

3rd International Workshop on Quantitative Aspects in Security Assurance Affiliated workshop with ESORICS 2014 Wroclaw, Poland, September 11, 2014 www.iit.cnr.it/qasa2014 *** Invited Speakers: Elisa Bertino and  Audun Josang *** *Overview* There is an increasing demand for techniques to deal with quantitative aspects of...

14  Edition of the summer school on Foundations of Security Analysis and Design (FOSAD 2014)http://www.sti.uniurb.it/events/fosad14/ The 14th edition of the summer school on Foundations of Security Analysis and Design will be held in in the fascinating Rock of Bertinoro, Italy. This year edition is co-sponsored by NESSoS and...

The final version of the NESSoS research roadmap is available at the URL:  http://www.nessos-project.eu/media/deliverables/y3/NESSoS-D4.3-PartII-Roadmap.pdf

The Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS) aims at constituting and integrating a long lasting research community on engineering secure software-based services and systems.

JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based data structures. Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) specification and an IANA registry defined by that specification. ...