Being part of Google Summer of Code this year was truly an awesome experience for students and OWASP mentors alike. OWASP is an open source community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. However, it is usually challenging to get students to develop code for OWASP projects because application security is considered a difficult and sometimes complex subject.
Google Summer of Code acted as a window between OWASP and the academic world, enabling students to work first-hand with highly skilled application security professionals.
The following OWASP projects took part in Google Summer of Code 2012:
OWASP Zed Attack Proxy
Cosmin Stefan rewrote the existing ZAP spider, making it much faster and more accurate. He also enhanced ZAP to manage HTTP sessions, which will be a key feature that we can build on for future releases.
Guifre Ruiz added a new Ajax spider to ZAP by integrating with the crawljax project, which will allow ZAP to spider AJAX applications much more effectively. He not only had to understand the ZAP code but also delved into the crawljax code and has submitted a series of enhancements back to the crawljax project as well.
Robert Koch (c/o Mozilla) added Web Sockets support to ZAP, exceeding the capabilities of any other security tool in this aspect, free or commercial.
"This is the first year I've been involved in Google Summer of Code, and I'm delighted to say it has been an overwhelming success. We had 3 students working on the Zed Attack Proxy project, and I have been very impressed with the quality of their work. They all required a lot less hand-holding than I expected - they all just got stuck in, while still keeping their mentors up to date and asking questions when necessary. They were all very dedicated and produced code which has significantly enhanced the project. While I'm obviously hoping that they will carry on contributing, even if they don't I'll still consider this to have been very worthwhile and will be very keen to participate next year." - Simon Bennetts, mentor
OWASP AppSensor
Rauf Butt extended the AppSensor project by building a SOAP-based web service in Java to allow multiple Java applications to access the same AppSensor detection engine.
"The Google Summer of Code was a good experience for the AppSensor project. We had lots of needs to cover, so our scope was initially too large. Through the course of the first half of the summer, it became evident that this was the case. Through helpful discussions with our student as well as experiences related from those who had been through the process before, we were able to narrow our focus and produce a more defined project that will serve as the basis for the next version of AppSensor." - John Melton, mentor
OWASP Hackademics
“Pragya Gupta developed a new frontend for the OWASP Hackademic Challenges which implements CMS-like functionality, simplifies installation and facilitates the automated addition of new challenges. The additional functionality will significantly help professors and tutors in real class environments.” - Konstantinos Papapanagiotou, mentor
Kudos to the Open Source Team at Google and special thanks to Carol Smith who guided us through this initiative!
The Outercurve Foundation provides software IP management and project development governance to enable and encourage organizations to develop software collaboratively in open source communities. Outercurve was accepted as a mentoring organization for our first Google Summer of Code in 2012, being awarded two slots for student projects.
Of the project proposals we received, a number of students stood out in discussing and evolving their proposals with Outercurve mentors during the submissions period. The two projects we chose were:
Irina Grosu from Romania with her project to add modules to Outercurve Mayhem to integrate Microsoft Office, the Google API, Bluetooth connectivity, and Skype.
Cristina Turken, also from Romania, worked on creating a GUI-based desktop application that allows software publishers to create an Outercurve CoApp package (instead of using the command line tools).
While we were very excited to participate in the Google Summer of Code, we had a problem: these were not the only two excellent proposals we received from students. The Outercurve Mayhem and Outercurve CoApp projects each wanted to support at least one more student proposal. The project leaders (finding budget at Microsoft) and Outercurve jointly funded two more student proposals.
The two "Outercurve" Summer of Code projects accepted were:
Henrik Juvonen in Finland wanted to build CoApp for Visual Studio so that CoApp library packages (native C/C++ and .NET) can be discovered, installed, and updated without ever having to leave the development environment.
Anirudh Ranganath in India wanted to add a number of events and responses to Mayhem for monitoring charging states, noting USB device connect/disconnect, and an Alarm event, as well as putting the computer in different power modes (sleep, hibernation, shut down) and setting the volume level.
Over the next few weeks we will showcase all of our students’ work. I’d like to thank Google for the opportunity to participate, the project leaders for finding the funds to co-sponsor additional student projects, and our mentors. I would especially like to thank our students for all their hard work. I hope they all found the summer worthwhile and will continue to participate with their Outercurve Foundation projects of choice.
By Stephen R. Walli, Outercurve Foundation Technical Director
The open source software initiative 52°North is an open international network of partners from research, industry and public administration. Its main purpose is to foster innovation in the field of Geoinformatics through a collaborative R&D process. The R&D process takes place within 52°North R&D communities, which develop new concepts and technologies for tasks such as managing near real-time sensor data, integrating geoprocessing technologies into SDIs, and making use of GRID and Cloud technologies. The developers evaluate new macro trends, such as the Internet of Things, the Semantic Web or Linked Open Data, and find ways to unfold their use in practice.
As a Google Summer of Code first-timer, 52°North was thrilled to be chosen as a mentoring organization and particularly proud to welcome four students to work on different projects in the fields of Sensor Web, Web of Things and Geoprocessing this summer. 52°North’s overall goals with the student projects this summer were to improve the usability of the products and extend the user base to new domains.
Sarah Harvey’s project, On-demand transformation of Open Street Map Data into common GIS format, brings the power of the 52°North WPS to the popular Open Source Mapping project. It deals primarily with providing bindings for OpenStreetMap data so that they may be used within the Web Processing Service (WPS).
Alexander Kmoch enabled easy integration of user-implemented encodings for observations into the 52°North Sensor Observation Service (SOS). In his “Exchangeable Encodings for SOS” project, he developed and integrated a plugin mechanism into an SOS server for plain CSV (comma-separated values), as well as WaterML 2.0 response formats.
In his project, GIS link to the Web of Things, Sidhant Hasija created a link between the rising Web of Things and standard GIS by implementing the GeoServices REST Specification for the Arduino-powered SenseBox devices.
Shubham Sachdeva focused on 52°North Sensor Observation Services installation and subsequent maintenance issues. In his project, "SOS Administrator", he developed an initial configuration and installation wizard, as well as a powerful administrative back-end, both browser-based and platform independent.
By Daniel Nüst, 52°North Google Summer of Code Organization Administrator