Difference between revisions of "OWASP German Language Project"

From OWASP
Jump to: navigation, search
m (threat)
(13 intermediate revisions by 2 users not shown)
Line 7: Line 7:
  
 
== News ==
 
== News ==
 +
'''November 16, 2011. Finished translation of OWASP Top 10. Any comments to [mailto:top10@owasp.de top10@owasp.de]
 +
'''July 9, 2011. Meeting on German Translation of OWASP Top Ten in Karlsruhe''' (please contact [mailto:kai.jendrian@owasp.org kai.jendrian@owasp.org] if you want to participate). <br/>
 
'''March 16, 2011. German Language Project has been officially started.'''
 
'''March 16, 2011. German Language Project has been officially started.'''
 +
 +
== Participation ==
 +
If you wish to contribute in the project please join us at [https://lists.owasp.org/mailman/listinfo/owasp-german-language-project mailing list subscription page].
 +
 +
'''Follow and participate at our [http://www.owasp.org/index.php/Talk:OWASP_German_Language_Project discussions]''' (German)
  
 
== Deliverables ==
 
== Deliverables ==
Line 14: Line 21:
 
* German translations of all the release-level document projects:
 
* German translations of all the release-level document projects:
 
** '''OWASP ASVS''' - Ver 1.0 ([http://owasp-asvs.googlecode.com/svn/trunk/documentation/asvs-webapp-release-2009-de.pdf PDF], [http://owasp-asvs.googlecode.com/svn/trunk/documentation/asvs-webapp-release-2009-de.doc Word]) by Matthias Rohr
 
** '''OWASP ASVS''' - Ver 1.0 ([http://owasp-asvs.googlecode.com/svn/trunk/documentation/asvs-webapp-release-2009-de.pdf PDF], [http://owasp-asvs.googlecode.com/svn/trunk/documentation/asvs-webapp-release-2009-de.doc Word]) by Matthias Rohr
 +
** '''OWASP Top 10 2010''' - ([https://www.owasp.org/index.php/File:OWASPTop10_DE_Version_1_0.pdf PDF])
 
* German translations of major sections of OWASP web site:
 
* German translations of major sections of OWASP web site:
 
** nothing yet
 
** nothing yet
* German translations of OWASP Software
+
* German translations of OWASP software
 
** nothing yet
 
** nothing yet
  
Line 52: Line 60:
 
| [http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top 10]
 
| [http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top 10]
 
| 2010
 
| 2010
| '''unknown'''
+
| Done
 
| Kai Jendrian
 
| Kai Jendrian
| Kai Jendrian
+
| Frank Dölitzscher, Tobias Glemser, Dr. Ingo Hanke, Kai Jendrian, Ralf Reinhard, Michael Schäfer
| '''<tbd>'''
+
| Frank Dölitzscher, Tobias Glemser, Dr. Ingo Hanke, Kai Jendrian, Ralf Reinhard, Michael Schäfer
| '''<tbd>'''
+
| November 16, 2011
| '''<tbd>'''
+
|  
| [http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project#tab=2010_Translation_Efforts here]
+
|([https://www.owasp.org/index.php/File:OWASPTop10_DE_Version_1_0.pdf PDF])
 
|-
 
|-
 
| [http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP ASVS]
 
| [http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP ASVS]
Line 71: Line 79:
 
|}
 
|}
  
 +
== Other OWASP Projects in German Language ==
 +
* [[Best Practices: Web Application Firewalls|Best Practices: Web Application Firewalls]]
 +
* [[Projektierung der Sicherheitsprüfung von Webanwendungen|Projektierung der Sicherheitsprüfung von Webanwendungen]]
  
 
==  Ideas ==
 
==  Ideas ==
Line 107: Line 118:
  
  
== Participation ==
+
 
If you wish to contribute in the project please join us at [https://lists.owasp.org/mailman/listinfo/owasp-german-language-project mailing list subscription page].
+
  
 
==== Glossary ====
 
==== Glossary ====
Line 116: Line 126:
  
 
The order used in the "German / Translation" section represents the proposed usage.
 
The order used in the "German / Translation" section represents the proposed usage.
 +
 +
'''Please do not change any existing definition without discussing it on the mailing list!'''
  
 
{| cellspacing="0" cellpadding="3" border="1" style="border: 1px solid black;"
 
{| cellspacing="0" cellpadding="3" border="1" style="border: 1px solid black;"
Line 121: Line 133:
 
! style="border-left: 1px solid black;" | English
 
! style="border-left: 1px solid black;" | English
 
! German Translation / Deutsche Übersetzung
 
! German Translation / Deutsche Übersetzung
! Reference
+
! German Description
 
! Comment / Kommentar
 
! Comment / Kommentar
 
|-
 
|-
Line 127: Line 139:
 
| Access Control, Zugriffskontrolle
 
| Access Control, Zugriffskontrolle
 
|  
 
|  
 +
|
 +
|-
 +
| Accountability
 +
| Verbindlichkeit
 
|  
 
|  
 +
|
 
|-
 
|-
 
| Application Security
 
| Application Security
 
| Anwendungssicherheit
 
| Anwendungssicherheit
|  
+
|
 
|  
 
|  
 
|-
 
|-
 
| Attack
 
| Attack
 
| Angriff
 
| Angriff
|  
+
|
 
|  
 
|  
 
|-
 
|-
 
| Authentication
 
| Authentication
 
| Authentisierung
 
| Authentisierung
|  
+
|Im Deutschen unterscheiden man gelegentlich, im Gegensatz zum Englischen, zwischen ''Authentifizierung'' und ''Authentisierung''
 +
| siehe auch: [http://de.wikipedia.org/wiki/Authentifizierung]
 +
|-
 +
| Awareness
 +
| Awareness, Bewusstsein
 +
|
 
|  
 
|  
 
|-
 
|-
 
| Backdoor
 
| Backdoor
 
| Backdoor, Hintertür
 
| Backdoor, Hintertür
 +
|
 +
|
 +
|-
 +
| Checksum
 +
| Prüfsumme
 
|  
 
|  
 
|  
 
|  
Line 152: Line 179:
 
| Vertrauen
 
| Vertrauen
 
|  
 
|  
|  
+
|
 
|-
 
|-
 
| Confidentiality
 
| Confidentiality
 
| Vertraulichkeit
 
| Vertraulichkeit
 +
|
 
|  
 
|  
 +
|-
 +
| Countermeasure
 +
| Gegenmaßnahme
 +
|
 
|  
 
|  
 
|-
 
|-
 
| Coverage
 
| Coverage
| (Verifikations-)Abdeckung
+
| Abdeckung
| ASVS
+
 
|  
 
|  
 +
|
 
|-
 
|-
 
| Cryptographic Module
 
| Cryptographic Module
 
| Kryptographisches Modul
 
| Kryptographisches Modul
| ASVS
+
|
 
|  
 
|  
 
|-
 
|-
 
| Design Verification
 
| Design Verification
 
| Designverifikation
 
| Designverifikation
| ASVS
 
 
|  
 
|  
 +
|
 +
|-
 +
| Impact
 +
| Auswirkung (eines Angriffs oder Bedrohung)
 +
|
 +
| wörtlich: Anprall, Anschlag, Auswirkung
 
|-
 
|-
 
| Input Validation
 
| Input Validation
 
| Eingabevalidierung
 
| Eingabevalidierung
|  
+
|
 
|  
 
|  
 
|-
 
|-
 
| Internal Verification
 
| Internal Verification
 
| Interne Verifikation
 
| Interne Verifikation
| ASVS
+
|
 
|  
 
|  
 
|-
 
|-
Line 199: Line 236:
 
|  
 
|  
 
|-
 
|-
| Non-Repudiation
+
| Measure
| Nicht Abstreitbarkeit
+
| Maßnahme
 +
|
 
|  
 
|  
 +
|-
 +
| Non Repudiation
 +
| Nichtabstreitbarkeit
 +
|
 
|  
 
|  
 
|-
 
|-
 
| Output Validation
 
| Output Validation
 
| Ausgabevalidierung
 
| Ausgabevalidierung
 +
|
 +
|
 +
|-
 +
| Protection Requirements
 +
| Schutzbedarf
 +
|
 +
|
 +
|-
 +
| Residual Risk
 +
| Restrisiko
 +
|
 
|  
 
|  
 
 
|-
 
|-
 
| Rigor
 
| Rigor
 
| (Verifikations-)Strenge
 
| (Verifikations-)Strenge
| ASVS
+
|
|
+
|
 +
|-
 +
| Risk Analysis
 +
| Risikoanalyse
 +
|
 +
 +
|-
 +
| Safeguard
 +
| Schutzmechanismus
 +
|
 +
|
 
|-
 
|-
 
| Security Configuration
 
| Security Configuration
 
| Sicherheitskonfiguration
 
| Sicherheitskonfiguration
| ASVS
+
|
 
|   
 
|   
 
|-
 
|-
 
| Security Control
 
| Security Control
 
| Sicherheitsmechanismus, Security Control
 
| Sicherheitsmechanismus, Security Control
| ASVS
+
|
 
|   
 
|   
 
|-
 
|-
Line 236: Line 298:
 
| Security Architectur
 
| Security Architectur
 
| Sicherheitsarchitektur
 
| Sicherheitsarchitektur
|  
+
|
 
|   
 
|   
 
|-
 
|-
 
| Threat
 
| Threat
 
| Bedrohung
 
| Bedrohung
|  
+
|
 
|  
 
|  
 
|-
 
|-
Line 248: Line 310:
 
|  
 
|  
 
|
 
|
 +
|-
 +
| Trojan Horse
 +
| Trojaner, Trojanische Pferd
 +
|
 +
|
 
|-
 
|-
 
| Verification
 
| Verification
 
| Verifikation, Prüfung
 
| Verifikation, Prüfung
| ASVS
 
 
|  
 
|  
 +
|
 
|-
 
|-
 
| Verification Requirement
 
| Verification Requirement
 
| Verifikationsanforderung, Prüfanforderung
 
| Verifikationsanforderung, Prüfanforderung
| ASVS
+
|
 
|
 
|
 
|-
 
|-
 
| Weakness
 
| Weakness
| Fehler in einer Software, der unter bestimmten Bedingungen das Ausnutzen einer Schwachstelle ermöglicht. Wenn im Deutschen Schwachstelle verwendet wird, ist meist Vulnerability und nicht Weakness gemeint
+
| Schwachstelle
|
+
Fehler in einer Software, aus dem unter bestimmten Bedingungen eine Sicherheitslücke entstehen kann.  
| wörtlich: Schwäche, Schwachstelle
+
| wörtlich: Schwäche
 
|-
 
|-
 
| Vulnerability
 
| Vulnerability
|Schwachstelle, die in der Software vorhanden ist und dazu benutzt werden kann, dass die Software unbeabsichtigt Daten verändert, den üblichen Ablauf unterbricht oder falsche Aktionen ausführt
+
| Sicherheitslücke
|
+
| Schwachstelle, die in der Software vorhanden ist und dazu benutzt werden kann, dass die Software unbeabsichtigt Daten verändert, den üblichen Ablauf unterbricht oder falsche Aktionen ausführt
| wörtlich: Angreifbarkeit, Verwundbarkeit, Schadenpotenzial, Schwachstelle; wird in allen Bedeutungen verwendet, meist jedoch wenn Schwachstelle gemeint ist
+
| wörtlich: Angreifbarkeit, Verwundbarkeit
 
|}
 
|}
  
For the followin terms, there is no German translation which is widely used or accepted:
+
For the following terms, there is no German translation which is widely used or accepted:
  
 
*'''Blacklist'''
 
*'''Blacklist'''

Revision as of 04:26, 16 November 2011

Main

Welcome to the German Language Project

The German Language Project is a new OWASP Project that will provide a foundation, guideance and common terminology for German translations (as well as other German language specific activities) of OWASP documents and parts of the OWASP web site. Furthermore, it will organize, plan and priorize new language projects such as translations.

We will trying to align our activities with the OWASP Internationalization project as well as with similar activities such as the Spanish Project or the Portuguese Language Project.

News

November 16, 2011. Finished translation of OWASP Top 10. Any comments to top10@owasp.de July 9, 2011. Meeting on German Translation of OWASP Top Ten in Karlsruhe (please contact kai.jendrian@owasp.org if you want to participate).
March 16, 2011. German Language Project has been officially started.

Participation

If you wish to contribute in the project please join us at mailing list subscription page.

Follow and participate at our discussions (German)

Deliverables

Click on the link on each issue to go to the specific resource (translated into German).

  • German translations of all the release-level document projects:
    • OWASP ASVS - Ver 1.0 (PDF, Word) by Matthias Rohr
    • OWASP Top 10 2010 - (PDF)
  • German translations of major sections of OWASP web site:
    • nothing yet
  • German translations of OWASP software
    • nothing yet

Roles

We are basically following the roles sugestet by the OWASP Internationalization .

The proposed skills are:

  • Translator(s)
    • Basic computer related knowledge.
    • Good English skills
    • Fluent in German language
    • Working knowledge in application security skills
  • Editor(s)
    • Strong computer related knowledge
    • Strong English skills
    • Strong skills in German language, participation in translation project of other open source projects is a plus.
    • Strong knowledge in application security skills
  • Translation leader. Person in charge of coordinate the translation effort. There are no special requirements, just the ability to manage a team of people and deliver on proposed time.

Current Translation Projects

Project Version Status Translation Leader Translation Team Editor Team (QA) (Expected) Completion Date Help needed? Project Site
OWASP Top 10 2010 Done Kai Jendrian Frank Dölitzscher, Tobias Glemser, Dr. Ingo Hanke, Kai Jendrian, Ralf Reinhard, Michael Schäfer Frank Dölitzscher, Tobias Glemser, Dr. Ingo Hanke, Kai Jendrian, Ralf Reinhard, Michael Schäfer November 16, 2011 (PDF)
OWASP ASVS 1.0 Done Matthias Rohr Matthias Rohr Olaf Schulz October 10, 2010 Review (PDF, Word)

Other OWASP Projects in German Language

Ideas

Idea Translation Leader Translation / Editor Team Help needed (e.g. Translators, Editors) Comment (e.g. why this project should be translated?)
<tbd> <tbd> <tbd> <tbd> <tbd>
<tbd> <tbd> <tbd> <tbd> <tbd>

Out of Scope

Translations of the following sections are NOT in scope

  • Local Chapters Pages
  • Presentations
  • Conferences
  • Videos
  • Blogs
  • All the projects deliverables in Alpha and Beta Stages
  • All the documentation “on development” like Guide Version 3.0
  • Translation of pages, documentation or tools to other language other than German according to the stated in above section.



Glossary

The following lists contains accepted German translations for English terms that are directly or indirectly related to application security. Many of them are already used in existing OWASP translations and should therefore not be changed without further discussion. German terms that are not used in the field are not included in this list.

Some English terms are widely used and accepted in German too and can (or should) therefore be used instead of a possible German translation.

The order used in the "German / Translation" section represents the proposed usage.

Please do not change any existing definition without discussing it on the mailing list!

English German Translation / Deutsche Übersetzung German Description Comment / Kommentar
Access Control Access Control, Zugriffskontrolle
Accountability Verbindlichkeit
Application Security Anwendungssicherheit
Attack Angriff
Authentication Authentisierung Im Deutschen unterscheiden man gelegentlich, im Gegensatz zum Englischen, zwischen Authentifizierung und Authentisierung siehe auch: [1]
Awareness Awareness, Bewusstsein
Backdoor Backdoor, Hintertür
Checksum Prüfsumme
Confidence Vertrauen
Confidentiality Vertraulichkeit
Countermeasure Gegenmaßnahme
Coverage Abdeckung
Cryptographic Module Kryptographisches Modul
Design Verification Designverifikation
Impact Auswirkung (eines Angriffs oder Bedrohung) wörtlich: Anprall, Anschlag, Auswirkung
Input Validation Eingabevalidierung
Internal Verification Interne Verifikation
Logging Logging, Protokollierung
Malware Malware, Schadprogramm
Malicious Code Schadcode
Measure Maßnahme
Non Repudiation Nichtabstreitbarkeit
Output Validation Ausgabevalidierung
Protection Requirements Schutzbedarf
Residual Risk Restrisiko
Rigor (Verifikations-)Strenge
Risk Analysis Risikoanalyse
Safeguard Schutzmechanismus
Security Configuration Sicherheitskonfiguration
Security Control Sicherheitsmechanismus, Security Control
Session Session, Sitzung
Session Management Session Management, Sitzungsverwaltung
Security Architectur Sicherheitsarchitektur
Threat Bedrohung
Threat Modeling Bedrohungsmodellierung, Threat Modeling
Trojan Horse Trojaner, Trojanische Pferd
Verification Verifikation, Prüfung
Verification Requirement Verifikationsanforderung, Prüfanforderung
Weakness Schwachstelle Fehler in einer Software, aus dem unter bestimmten Bedingungen eine Sicherheitslücke entstehen kann. wörtlich: Schwäche
Vulnerability Sicherheitslücke Schwachstelle, die in der Software vorhanden ist und dazu benutzt werden kann, dass die Software unbeabsichtigt Daten verändert, den üblichen Ablauf unterbricht oder falsche Aktionen ausführt wörtlich: Angreifbarkeit, Verwundbarkeit

For the following terms, there is no German translation which is widely used or accepted:

  • Blacklist
  • Denial-of-Service
  • Easter Egg
  • Encoding
  • Escaping
  • Target of Verification (TOV)
  • Whitelist

Roadmap

The project's overall goal is to...

provide a foundation, guideance and common terminology for German translations of OWASP documents and parts of the OWASP web site as well as other activities related to the German language. Furthermore, it will organize, plan and priorize new language projects such as translations.

In the near term, we are focused on the following tactical goals...

1. Link all existing German OWASP translation to this page

2. Setting-up a consistent glossary for german application security terms

3. Priorize and organize future translations and actions

4. Provide Translation Guidelines

5. Provide Translation Templates


Related Resources

<tbd>

Project About

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP German Language Project (home page)
Purpose: N/A
License: N/A
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases