DocumentCode :
2755331
Title :
An Approach Dedicated for Web Service Security Testing
Author :
Salva, Sébastien ; Laurençot, Patrice ; Rabhi, Issam
Author_Institution :
LIMOS, Univ. d´´Auvergne, Aubière, France
fYear :
2010
fDate :
22-27 Aug. 2010
Firstpage :
494
Lastpage :
500
Abstract :
Web Services are more and more used in designing and building systems in open and dynamic distributed environments. The security of these transactions is becoming a critical issue. This paper proposes a security testing method for stateful Web Services. We define some specific security rules with the Nomad language. Then, we construct test cases from a symbolic specification and test purposes derived from the previous rules. We present some experimentation results based on roughly 100 Web Services and we show that 11 percent have vulnerabilities, using the rules introduce in the article.
Keywords :
Web services; computer network security; formal specification; Nomad language; Web service; dynamic distributed environment; security testing; symbolic specification; Authentication; Availability; Simple object access protocol; Testing; XML; Security rules; Test generation; Test purposes; Web Services;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Software Engineering Advances (ICSEA), 2010 Fifth International Conference on
Conference_Location :
Nice
Print_ISBN :
978-1-4244-7788-3
Electronic_ISBN :
978-0-7695-4144-0
Type :
conf
DOI :
10.1109/ICSEA.2010.84
Filename :
5615483
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2755331
بازگشت