• DocumentCode
    2755331
  • Title

    An Approach Dedicated for Web Service Security Testing

  • Author

    Salva, Sébastien ; Laurençot, Patrice ; Rabhi, Issam

  • Author_Institution
    LIMOS, Univ. d´´Auvergne, Aubière, France
  • fYear
    2010
  • fDate
    22-27 Aug. 2010
  • Firstpage
    494
  • Lastpage
    500
  • Abstract
    Web Services are more and more used in designing and building systems in open and dynamic distributed environments. The security of these transactions is becoming a critical issue. This paper proposes a security testing method for stateful Web Services. We define some specific security rules with the Nomad language. Then, we construct test cases from a symbolic specification and test purposes derived from the previous rules. We present some experimentation results based on roughly 100 Web Services and we show that 11 percent have vulnerabilities, using the rules introduce in the article.
  • Keywords
    Web services; computer network security; formal specification; Nomad language; Web service; dynamic distributed environment; security testing; symbolic specification; Authentication; Availability; Simple object access protocol; Testing; XML; Security rules; Test generation; Test purposes; Web Services;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Engineering Advances (ICSEA), 2010 Fifth International Conference on
  • Conference_Location
    Nice
  • Print_ISBN
    978-1-4244-7788-3
  • Electronic_ISBN
    978-0-7695-4144-0
  • Type

    conf

  • DOI
    10.1109/ICSEA.2010.84
  • Filename
    5615483
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2755331