I just finished my Bachelor’s thesis with the topic “Secure Web Application Framework”. Unfortunately, it’s in Persian, thus only Persian readers can enjoy it.
It’s about 200 pages, about half of which reviews web concepts (theory and practice) from a security perspective. The other half has mostly advanced theory/practice about web security and the secure framework around it (with respect to an actual web application framework).
Unfortunately I was pushed hard by the deadline for this, and it’s not what I could call a thesis done by me, but this is probably 10 times better than any other. A glossary of the terms is also included as an appendix.
I did this thesis based on my 5 years of active career as a security expert, my 4.5 years of active OWASP participation (with a lot of code review, coding and standard review on many projects such as ESAPI, ASVS, WebGoat, etc.) and my 3 years as lead developer in jFramework.
I bet it will be interesting :D
I still consider this document a draft. Please address any issues/feedback to me so that I can fix this. I might complete this and publish it as a book.