OpenMRS Security Assessment Wiki Assessment Template D
m |
m |
||
(One intermediate revision by one user not shown) | |||
Line 7: | Line 7: | ||
== Executive Summary == | == Executive Summary == | ||
− | When you finish this assignment, write a brief summary of the most important parts of this document. Imagine that a person with authority to make sweeping changes to OpenMRS is reading this executive summary. You have one sentence to get her attention and two minutes to tell her what she needs to do, why it is important and how you know. (2 points per useful paragraph, maximum | + | When you finish this assignment, write a brief summary of the most important parts of this document. Imagine that a person with authority to make sweeping changes to OpenMRS is reading this executive summary. You have one sentence to get her attention and two minutes to tell her what she needs to do, why it is important and how you know. (2 points per useful paragraph, maximum 8 points) |
== Scope == | == Scope == | ||
Line 42: | Line 42: | ||
[[File:Creativecommons-by-nc-sa-40.png]] | [[File:Creativecommons-by-nc-sa-40.png]] | ||
+ | |||
+ | [[Category:OpenMRS]] |
Latest revision as of 11:02, 28 January 2017
As of ..., your project WIKI page should include the content described below. You should earn at least 30 points during this phase.
Contents |
Identify the Assessment Area Here
Authors
The instructor will be compiling all of the submissions for this assignment into a report that will be made publicly available. If you wish public recognition for your contribution, list the way you would like to be identified here. You are encouraged to include your OpenMRS ID (https://id.openmrs.org).
Executive Summary
When you finish this assignment, write a brief summary of the most important parts of this document. Imagine that a person with authority to make sweeping changes to OpenMRS is reading this executive summary. You have one sentence to get her attention and two minutes to tell her what she needs to do, why it is important and how you know. (2 points per useful paragraph, maximum 8 points)
Scope
This section was described in a previous template.
Assets
This section was described in a previous template.
Risks
This section was described in a previous template.
Design Principes
This section was described in a previous template.
Summary of Findings
Summarizing the risks that were not adequately controlled and the design principles that were violated. (2 points per useful paragraph.)
Recommendations
Make at actionable recommendations that will address significant issues from your findings. Actionable means that there are specific steps that can be taken to implement the recommendation. For each one, make a section like the following. (2 points per useful paragraph, figure or code fragment.)
Name of Recommendation
Describe the threat that is being addressed. Make the specific recommendation. Provide details that are needed to implement this recommendation. State how to tell if the recommendation was implemented correctly. (For example, if you recommend a technique that eliminates SQL injection attacks, explain how to test if the SQL injection attack you identified is still present.)
Conclusion
Write a one or two paragraph conclusion. (2 points per useful paragraph)
This work by Steven P. Crain (...@plattsburgh.edu) is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License