OWASP ASIDE Project

From OWASP
Revision as of 17:38, 29 June 2012 by Jing Xie (Talk | contribs)

Jump to: navigation, search

Main

This project is led by [Jing Xie] & Bill Chu. Other major contributors include Jun Zhu, Heather Richter Lipford, John Melton & Will Stranathan.

New: Our submission to AppSecUSA2012 has been accepted. We'd look forward to meeting with those who are interested in our idea and project.

We have presented our talk Secure Programming Support in IDE at AppSec USA 2011 in Minneapolis. Although the resources are not available anymore, you can still view and download our presentation here.


Project About

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP ASIDE Project (home page)
Purpose: ASIDE is an abbreviation for Application Security Integrated Development Environment. It is an Eclipse Plugin which is a software tool primarily designed to help students write more secure code by detecting and identifying potentially vulnerable code and providing informative fixes during the construction of programs in IDEs. ASIDE may be useful by professional developers as well.
License: N/A
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation: View
Mailing list: Mailing List Archives
Project Roadmap: Not Yet Created
Key Contacts
  • Contact Jun Zhu @ to contribute to this project
  • Contact Jun Zhu @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases

Take a Look

ASIDE is still under development. But in order to give you a sense of what it should be doing, we have this old version of ASIDE DEMO. You will need Adobe Flash to display it. A newer version will soon be uploaded.

Download

The first publicly available ASIDE can be downloaded now. You also need to download the complementary logging facility to make ASIDE work properly. ASIDE is built upon Eclipse IDE for Java EE Developers Version 3.5+.

To make it work, please place the two jar files under the plugins folder of your Eclipse installation directory and then restart your Eclipse.

Source Code

The source code is located at https://github.com/Jing-Xie/owasp-aside

Research Activities

1. Jing Xie, Heather Richter Lipford, and Bill Chu, Evaluating Interactive Support for Secure Programming, To appear at ACM Conference on Human Factors in Computing Systems (CHI), May 2012, Austin, Texas, USA

2. Jing Xie, Bill Chu, Heather Richter Lipford, and John T. Melton, ASIDE:IDE Support for Web Application Security, In Proceedings of 27th Annual Computer Security Applications Conference (ACSAC), December 5–9, 2011, Orlando, FL, USA

3. Jing Xie, Heather Richter Lipford, and Bill Chu, Why do programmers make security errors?, In Proceedings of IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC), September 18–22, 2011, Pittsburgh, PA, USA

4. Jing Xie, Bill Chu, and Heather Richter Lipford Interactive Support for Secure Software Development, In Proceedings of Engineering Secure Software and Systems Third International Symposium (ESSoS), February 2011, Madrid, Spain