2013 | OriginalPaper | Buchkapitel
A Framework for Security Testing
verfasst von : Daya Gupta, Kakali Chatterjee, Shruti Jaiswal
Erschienen in: Computational Science and Its Applications – ICCSA 2013
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
The goal of security testing is to verify and validate the potentiality of different vulnerabilities. For identified threats ensure that security mechanism deployed during design really mitigate the threats at vulnerable points. This requires checking that during functionality execution the threats to the assets really get mitigated. In this paper we propose a Framework for Security Testing that involves identifying different attacks that are possible by different stakeholders or intruders for each functionality offered by the system. Next we validate that the design decision taken to implement the security requirement associated with that functionality is appropriate to mitigate identified threats and risks on assets involved. Finally a test report template is designed which can be used to review the deployed security mechanism.