secologic

Seite auf deutsch
Deutsch
Page in english
English
Results & Downloads :: Security for Applications :: Programming Languages

Programming Languages

In this section you’ll find Guides for secure programming in:

PHP Security

This section contains technical information and recommendations on security aspects about the PHP programming language.

Topic Version Language Date Type Format Author
PHP-Secure-Programming new English 02/12/07 Whitepaper doc
pdf
EUROSEC
Sichere Programmierung von PHP Deutsch 11/23/05 Course Material pdf
ppt
EUROSEC

Java Security

This section contains technical information and recommendations on security aspects about the Java programming language.

Topic Version Language Date Type Format Author
Java Security Deutsch 11/23/05 Course Material pdf
ppt
EUROSEC
Secure Java Programming 0.9 English 12/07/05 Whitepaper doc
pdf
EUROSEC
Java Best Practice Guide 3.0 English 10/10/06 Best Practice Guide pdf
SAP
E-learning Applikation SecologicTrain 1.0 English 12/19/06 Software archive zip
SAP

SecologicTrain is an E-learning application, written in Java, which shows you typically vulnerabilities in the area of WebSecurity. With practical exercises you can study problems and solutions of secure programming. We designed a static prototype with the exercise 'Cookie Security'. The full version is programed in Java/JSP and ready to download. The topics of the downloadable version are: XSS (Cross Site Scripting), SQL-Injection, X-Path Injection, Cookie Security. Preconditions are an installed MySql Database and a Apache Tomcat. An installation guide is in the zip-file included.

C / C++ Security

This section contains technical information and recommendations on security aspects about the C and/or C++ programming language.

Topic Version Language Date Type Format Author
Sichere Programmierung von C Deutsch 11/23/05 Course Material pdf
ppt
EUROSEC
Secure C Programming 1.0 English 12/07/05 Whitepaper doc
pdf
EUROSEC
Tutorial C Insecurities English 12/09/05 Presentation pdf
pps
SVS-UHH
Secure Code Tools English 12/09/05 Presentation pdf
pps
SVS-UHH

JavaScript Security

This section contains technical information and recommendations on security aspects about the JavaScript programming language. The paper focusses on filtering aspects to provide countermeasures against cross-site scripting attacks.

Topic Version Language Date Type Format Author
Filtering JavaScript 0.9new English 12/07/05 Whitepaper doc
pdf
EUROSEC

WebServices Security

This section contains among others a Best Practice Guide for WebServices Security.

Topic Version Language Date Type Format Author
Web Service Security 1.0 Deutsch February 2007 Best Practice Guide pdf
SAP
Security Tests for Web Services 1.0 English March 2007 Best Practice Guide pdf
SAP
Web Service-Security Policy, Kurz-Analyse und Vergleich zwischen den Versionen 1.0 und 1.2 1.1 Deutsch September 2007 White Paper und MindMap zip
SAP

Furthermore, an example implementation of a secure and reliable web service scenario can be found here. The code comprises a web application to initiate the credit card order and a set of web services to accept order and status requests. It is implemented in Java using in one case the open source software NetBeans and GlassFish from Sun Microsystems and in the other case SAP NetWeaver.

Topic Version Language Date Type Format Author
Secure Web Services; Example Implementation in GlassFish 1.0 English March 2007 Java Example Implementation and Documentation zip
SAP
Secure Web Services; Example Implementation for SAP Netweaver 2004 1.0 English March 2007 Java Example Implementation and Documentation zip
SAP