Learn More
current version: osstmm.2.0 release candidate 6 notes: This is a preview release version to for 2.0 and not an update for version 1.5. This version focuses on security testing from the outside to the inside. This has not been peer-reviewed. Those who have been contributed to this manual in consistant, valuable ways have been listed here although many more(More)
In today's age of Web applications connected via Web services, accountability has become both crucial and harder to achieve. The management of authentication, authorization, and accountability in these applications is therefore a very important and difficult problem to solve. In this article, we describe how audit logging can be built into the Web services(More)
As threats shift toward applications and as more companies struggle with compliance mandates and the limitation of protection technologies such as access control, the need for useful, comprehensive application logging can only increase. This article provides guidance on application logging to application developers and architects and to security(More)
(NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation's measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL's responsibilities include the(More)
The sections and modules are based on the 2.0 model still. However, with this version the OSSTMM is bridging to the new 3.0 structure. After a year and a half, we have collected more than enough information to ensure better and more thorough security testing however the current format did not suffice for the collected information. The newer format will(More)
Data for D * ± (2010) meson electroproduction in the range 10 < Q 2 < 1350 GeV 2 has recently been presented by the ZEUS collaboration at HERA. We use these results together with their previously published data for 1 < Q 2 < 600 GeV 2 to test whether one can distinguish between different theoretical schemes for charm quark electroproduction. We find that up(More)