Theme: Security

Owned by Uwe Wahser

Last updated: Feb 15, 2024

1 min read

Content

1 Content
2 Quick Links
3 Problem Statement
4 Approach
5 Projects
6 Results
7 Related links
- 7.1 Incubator pages
- 7.2 Literature
- 7.3 Security labelled pages in the wiki

Quick Links

Problem Statement

Approach

Projects

Page:

Project: Security 2022 — Penetration Testing and Source Code Review for the openIMIS web application
Page:

Project: Security 2021 — SecurityONE is the chosen partner to perform penetration testing of openIMIS web application. The objective of these security tests is to identify potential areas of concern associated to the openIMIS web application in its actual state and to determine how a motivated attacker can breach the system.

Results

Incubator pages

Page:
Idea: Two-factor authentication
— System shall require 2 factor authentication to verify changes in contact details table (email or phone number):
- System shall send notification to user upon validation of user data change
- System shall allow user to validate and approve user detail updates

Literature

SocialProtection.org security report

Security labelled pages in the wiki

Page:
2018-06 Code Review (openIMIS)
Page:
2018-11 Code Review (openIMIS)
Page:
2021-12 Penetration Test (openIMIS)
Page:
2022-08 Code Review (openIMIS)
- testing
- theme-security
Page:
2022-09 Penetration Test (openIMIS)
Page:
2022-10 UNDP Security Review (openIMIS)
Page:
2023-09-03 Digital Square Security Review (openIMIS)
Page:
2023-10 - Comprehensive Security Assessment of the openIMIS Web Application through Penetration Testing (openIMIS)
Page:
2023-10 OWASP Compliance Report (openIMIS)
Page:
Backend security - Administrators highlights (openIMIS)
Page:
Backend security - Developers guidelines (openIMIS)
Page:
Backend security - Implementers highlights (openIMIS)
Page:
Backend security - Models and Concepts (openIMIS)
Page:
Background: Open Web Application Security Project (OWASP) (openIMIS)
- theme-security
Page:
Code Quality Initiative (openIMIS)
- security

Did you encounter a problem or do you have a suggestion?

Please contact our Service Desk

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. https://creativecommons.org/licenses/by-sa/4.0/