DocumentCode
3514020
Title
Towards a practical and effective security testing methodology
Author
Prandini, Marco ; Ramilli, Marco
Author_Institution
Dipt. di Elettron. Inf. e Sist., Univ. di Bologna, Bologna, Italy
fYear
2010
fDate
22-25 June 2010
Firstpage
320
Lastpage
325
Abstract
Security testing is an important step in the lifetime of both newly-designed and existing systems. Different methodologies exist to guide testers to the selection, design, and implementation of the most appropriate testing procedures for various contexts. Typically, each methodology stems from the specific needs of a particular category of actors, and consequently is biased towards some aspect of peculiar interest to them. This work compares the most commonly adopted methodologies to point out their strengths and weaknesses, and, building on the results of the performed analysis, proposes a path towards the definition of an integrated approach, by defining the characteristics that a new methodology should exhibit in order to combine the best aspects of the existing ones.
Keywords
Guidelines; Manuals; Planning; Security; TV; Testing; Writing; GNST; ISSAF; OEVT; OSSTMM; security testing;
fLanguage
English
Publisher
ieee
Conference_Titel
Computers and Communications (ISCC), 2010 IEEE Symposium on
Conference_Location
Riccione, Italy
ISSN
1530-1346
Print_ISBN
978-1-4244-7754-8
Type
conf
DOI
10.1109/ISCC.2010.5546813
Filename
5546813
Link To Document