• DocumentCode
    625557
  • Title

    RAILROADMAP: An Agile Security Testing Framework for Web-application Development

  • Author

    Munetoh, S. ; Yoshioka, Nobukazu

  • Author_Institution
    Grad. Univ. for Adv. Studies, Tokyo, Japan
  • fYear
    2013
  • fDate
    18-22 March 2013
  • Firstpage
    491
  • Lastpage
    492
  • Abstract
    We propose a model-assisted security testing framework for developing Web applications. We devised a tool called “RailroadMap” that automatically extracts a behavior model from the code base of Ruby-on-Rails. This model provides a unified point of view for analyzing security problems by representing an application's behavior, which includes all security functions and possible attack scenarios.
  • Keywords
    Internet; program testing; security of data; software prototyping; RailroadMap tool; Ruby-on-Rails code base; Web-application development; attack scenarios; automatic application behavior model extraction; model-assisted agile security testing framework; security problem analysis; Access control; Analytical models; Encoding; Navigation; Rails; Testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Testing, Verification and Validation (ICST), 2013 IEEE Sixth International Conference on
  • Conference_Location
    Luxembourg
  • Print_ISBN
    978-1-4673-5961-0
  • Type

    conf

  • DOI
    10.1109/ICST.2013.80
  • Filename
    6569769