DocumentCode :
2351605
Title :
Model-Checking Driven Security Testing of Web-Based Applications
Author :
Armando, Alessandro ; Carbone, Roberto ; Compagna, Luca ; Li, Keqin ; Pellegrino, Giancarlo
Author_Institution :
DIST, Univ. of Genova, Genova, Italy
fYear :
2010
fDate :
6-10 April 2010
Firstpage :
361
Lastpage :
370
Abstract :
Model checking and security testing are two verification techniques available to help find flaws in security-sensitive, distributed applications. In this paper, we present an approach to security testing of web-based applications in which test cases are automatically derived from counterexamples found through model checking. We illustrate our approach by discussing its application against the SAML-based Single Sign-On for Google Apps.
Keywords :
Internet; distributed processing; program testing; program verification; security of data; Google Apps; SAML-based single sign-on; Web-based application; distributed application; model checking; security testing; security-sensitive application; test case; verification technique; Application software; Authorization; Automatic testing; Information security; Isolation technology; Logic; Phase detection; Protocols; Software testing; System testing; model checking; security testing; web-based applications;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Software Testing, Verification, and Validation Workshops (ICSTW), 2010 Third International Conference on
Conference_Location :
Paris
Print_ISBN :
978-1-4244-6773-0
Type :
conf
DOI :
10.1109/ICSTW.2010.54
Filename :
5463670