Sciweavers

DBSEC
2008

Towards Automation of Testing High-Level Security Properties

14 years 1 months ago
Towards Automation of Testing High-Level Security Properties
Abstract. Many security problems only become apparent after software is deployed, and in many cases a failure has occurred prior to the awareness of the problem. Although many would argue that the simpler solution to the problem would be to test the software before deploying it. Although we support this argument, we understand that it is not necessarily applicable in a modern development environment. Software testing is labor intensive and is very expensive from a time and cost perspective. While much research has been undertake to automate software testing, very little has been directed at security testing. Additionally, the majority of these efforts have targeted low-level security (safety) instead of high-level security. In this paper, we present elements of a solution towards automation of testing security properties and for the generation of test data suites for detecting security vulnerabilities in software. Key words: Security Testing, Dynamic Analysis, Data Dependency, Test Dat...
Aiman Hanna, Hai Zhou Ling, Jason Furlong, Mourad
Added 29 Oct 2010
Updated 29 Oct 2010
Type Conference
Year 2008
Where DBSEC
Authors Aiman Hanna, Hai Zhou Ling, Jason Furlong, Mourad Debbabi
Comments (0)