1 / 4

OWASP Plan – Security Assurance Testing of Virtual Worlds (SATVW)

OWASP Plan – Security Assurance Testing of Virtual Worlds (SATVW). Rick Zhong rick.zhong@gmail.com +65 91838260. Oct 2009. Overview. Issue: Increasing impact of security issues in virtual world applications and environments

stump
Download Presentation

OWASP Plan – Security Assurance Testing of Virtual Worlds (SATVW)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. OWASP Plan – Security Assurance Testing of Virtual Worlds (SATVW) Rick Zhong rick.zhong@gmail.com +65 91838260 Oct 2009

  2. Overview • Issue: • Increasing impact of security issues in virtual world applications and environments • No structured approach to identify and assess the security status of Virtual Worlds • Generic application security practice used and it is very similar to web application security 5 years ago. • Solutions: A security testing framework/guideline specific to Virtual World applications and environments.

  3. Objectives • Create a security testing framework specific to Virtual World related applications (MMORGs) and environments. • The targeted audience groups • Developers • Create more secure and robust virtual worlds • End-users (individual players or companies) • Use the framework as a quick checklist to make sure the virtual worlds they dedicate their time, efforts and money have a proper layer of security protection. • Third-party assessors (consultants, auditors and reviewers engaged to evaluate a virtual world application/environment) • Use the framework as a guideline for their evaluation and testing.

  4. Future Plans • Initiation (Jan 2010 to Mar 2010) • Call for community participation • Assemble the project team • First Draft Version (Apr 2010 – Sep 2010) • First Release (by Dec 2010 )

More Related