Security testing by Telling TestStories
Abstract
Security testing is very important to assure a certain level of reliability in a system. On the system level, security testing has to guarantee that security requirements such as confidentiality, integrity, authentication, authorization, availability and non-repudiation hold. In this paper, we present an approach to system level security testing of service oriented systems that evaluates security requirements. Our approach is based on the Telling TestStories methodology for model-driven system testing. After the elicitation of security requirements, we define a system and a test model. The test model is then transformed to executable test code. We show how traceability between all artifacts can be established and how the tests can be executed focusing on security relevant aspects. All steps are explained based on an industrial case study.
- Citation
- BibTeX
Felderer, M., Agreiter, B., Breu, R. & Armenteros, A.,
(2010).
Security testing by Telling TestStories.
In:
Engels, G., Karagiannis, D. & Mayr, H. C.
(Hrsg.),
Modellierung 2010.
Bonn:
Gesellschaft für Informatik e.V..
(S. 195-202).
@inproceedings{mci/Felderer2010,
author = {Felderer, Michael AND Agreiter, Berthold AND Breu, Ruth AND Armenteros, Alvaro},
title = {Security testing by Telling TestStories},
booktitle = {Modellierung 2010},
year = {2010},
editor = {Engels, Gregor AND Karagiannis, Dimitris AND Mayr, Heinrich C.} ,
pages = { 195-202 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
author = {Felderer, Michael AND Agreiter, Berthold AND Breu, Ruth AND Armenteros, Alvaro},
title = {Security testing by Telling TestStories},
booktitle = {Modellierung 2010},
year = {2010},
editor = {Engels, Gregor AND Karagiannis, Dimitris AND Mayr, Heinrich C.} ,
pages = { 195-202 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
Haben Sie fehlerhafte Angaben entdeckt? Sagen Sie uns Bescheid: Send Feedback
More Info
ISBN: 978-3-88579-255-0
ISSN: 1617-5468
xmlui.MetaDataDisplay.field.date: 2010
Language:
(en)

Content Type: Text/Conference Paper