For Libraries For Publication Open Access Downloads About Us Contact Us
Paper Titles
Sa-Oiliness: A System to Measure Oiliness of Distant Subject Using Image Processing
p.4462
A Novel Approach for the Early Detection and Identification of Botnets
p.4469
An Efficient Architecture of Decision Support System for Testing Potential Geographical Indication in India
p.4476
Fluid Flow and Random Walk Mobility Model for Wireless Mobile Network Research: A Review
p.4486
A Systematic Approach to Generate and Conduct Destructive Security Test Sets
p.4495
Fingerprint Singular Point Detection Using Orientation Field Reliability
p.4499
Software Testing Model for Quality
p.4507
Prediction of Power Signal in Nuclear Reactors with Neural Network Based Intelligent Predictors in the Presence of 1/fα Type Sensor Noise
p.4512
The Comprehensive Test for Geothermal Tail-Water Disposal
p.4522

A Systematic Approach to Generate and Conduct Destructive Security Test Sets

Article Preview

Abstract:

Security testing involves two approaches; the question of who should do it has two answers. Standard testing organizations using a traditional approach can perform functional security testing. For example, ensuring that access control mechanisms work as advertised is a classic functional testing exercise. Systematic security testing approaches should be seamlessly incorporated into software engineering curricula and software development process. Traditional software engineering textbooks failed to provide adequate methods and techniques for students and software engineers to bring security engineering approaches to software development process generating secure software as well as correct software. This paper argues that a security testing phase should be added to software development process with systematic approach to generating and conducting destructive security test sets following a complete coverage principle. Software engineers must have formal training on writing secure code. The security testing tasks include penetrating and destructive tests that are different from functional testing tasks currently covered in software engineering textbooks Moreover, component-based development and formal methods could be useful to produce secure code, as well as automatic security checking tools. Some experience of applying security testing principles in our software engineering method teaching is reported.

You might also be interested in these eBooks
MEMS, NANO and Smart Systems View Preview

Info:

Periodical:

Advanced Materials Research (Volumes 403-408)

Pages:

4495-4498

DOI:

https://doi.org/10.4028/www.scientific.net/AMR.403-408.4495

Citation:

Cite this paper

Online since:

November 2011

Authors:

K. Madhuri, M. Suman, M. Nalini Sri, K. Ravi Kumar, U. Jyothi Kameswari

Keywords:

Destructive Tests, Distributed System, Functional Testing, Software Quality

Export:

RIS, BibTeX

Price:

Permissions CCC:

Request Permissions

Permissions PLS:

Request Permissions

Сopyright:

© 2012 Trans Tech Publications Ltd. All Rights Reserved

Share:

Citation:

References

[1] Computer Emergency Response Team (CERT) Coordination Center, http: /www. cert. org/, August (2003).

Google Scholar

[2] Hao Chen and David Wagner, MOSPS: an Infrastructure for Examining Security Properties of Software, Proceedings of CCS'02, November 18 - 22, 2002, Washington, DC, USA.

Google Scholar

[3] Carlo Ghezzi, Mehdi Jazayeri, and Dino Mandrioli, Fundamentals of Software Engineering, Prentice Hall, (1991).

Google Scholar

[4] Frank Hayes, The Story So Far, ComputerWorld, Vol. 37, No 28, July 14, (2003).

Google Scholar

[5] John E. Hopcroft, Rajeev Motwani, and Jeffery D. Ullman, Introduction to Automata Theory, Languages, and Computation, 2nd edition, Addison Wesley, (2001).

DOI: 10.1145/568438.568455

Google Scholar

[6] Russell Kay, Buffer Overflow, Computer World, Vol. 37, No 28, July 14, (2003).

Google Scholar

[7] Roger S. Pressman, Software Engineering, A Practitioner's Approach, 5th edition, McGraw Hill, (2001).

Google Scholar

[8] Johnn M. Schumann, Automated Theorem Proving in Software Engineering, Springer-Verlag, Berlin, (2001).

Google Scholar

[9] Ian Sommerville, Software Engineering, 6th edition, Addison Wesley, (2001).

Google Scholar

[10] SECURITY WIRE DIGEST, VOL. 5, NO. 59, AUGUST 7, (2003).

Google Scholar

[11] John Viega and Gary McGraw, Building Secure Software, Addison Wesley, (2002).

Google Scholar

[12] James A. Whittaker and Herbert H. Thompson, How to Break Software Security, Addison Wesley, (2003).

Google Scholar

[13] Clemens Szyperski, Component Software: Beyond Object-Oriented Programming, Addison-Wesley, 2nd eds., 2002. ISBN: 0-201-74572-0.

Google Scholar

[14] Ivica Crnkovic and Magnus Larsson, Building Reliable Component-Based Software Systems, Artech House, Norwood, MA 02062, 2002. ISBN: 1-58053-327-2.

Google Scholar

[15] George T. Heineman and William T. Councill eds: Component-Based Software Engineering, Putting the Pieces Together, Addison-Wisley.

Google Scholar

© 2025 Trans Tech Publications Ltd. All rights are reserved, including those for text and data mining, AI training, and similar technologies. For open access content, terms of the Creative Commons licensing CC-BY are applied.
Scientific.Net is a registered trademark of Trans Tech Publications Ltd.