مرکز منطقه ای اطلاع رساني علوم و فناوري - Security policy testing using vulnerability exploit chaining

DocumentCode :

2165240

Title :

Security policy testing using vulnerability exploit chaining

Author :

Darmaillacq, Vianney

Author_Institution :

Univ. of Grenoble, Grenoble

fYear :

2008

fDate :

9-11 April 2008

Firstpage :

260

Lastpage :

261

Abstract :

Security policy validation based on conformance testing is a promising approach, but it lacks both of a fault model and of better test selection procedures. Penetration testing approaches rely on a fault model based on the exploitation of sequences of vulnerabilities. This document proposes a method to generate test purposes to validate the conformance of a system to a security policy using a fault model inspired from penetration testing.

Keywords :

program testing; program verification; security of data; conformance testing; security policy testing; security policy validation; Authorization; Concrete; Educational institutions; Explosions; Gain control; Genetic mutations; Security; Software testing; System testing; Web services;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Software Testing Verification and Validation Workshop, 2008. ICSTW '08. IEEE International Conference on

Conference_Location :

Lillehammer

Print_ISBN :

978-0-7695-3388-9

Type :

conf

DOI :

10.1109/ICSTW.2008.37

Filename :

4567017

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2165240