Html5 Security presented at OWASP BASC 2010

by Ming Chow (Tufts University),

Tags: Application Security Web

URL : http://www.owasp.org/index.php/2010_BASC_Presentations#HTML5_Security

Summary : The power of HTML5 allows developers to create web applications not just structured content, but its new features has increased the attack surface. This presentation will demo and discuss new attack opportunities, particularly on client machines, including abusing the offline application cache and SQL injection via file-based client-side databases.

Ming Chow : Ming Chow is a scholar of science and technology and a Lecturer at the Tufts University Department of Computer Science. His areas of interests are computer security, game development, web application security, and Computer Science in Education. Ming co-edited a special issue of IEEE Security & Privacy on securing online games with Gary McGraw of Cigital, Inc. published in May 2009. Ming is a frequent guest speaker, and have spoke at numerous organizations, including New England Association of Insurance Fraud Investigators (NEAIFI), and the New England Chapter of the High Technology Crime Investigation Association (HTCIA-NE), the Greater Boston Chapter of the Association of Certified Fraud Examiners (ACFE), John Hancock, and the Massachusetts Office of the Attorney General (AGO). Finally, Ming is a SANS GIAC Certified Incident Handler (GCIH).