Konferenzbeitrag
Security testing by Telling TestStories
Lade...
Volltext URI
Dokumententyp
Text/Conference Paper
Dateien
Zusatzinformation
Datum
2010
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Quelle
Verlag
Gesellschaft für Informatik e.V.
Zusammenfassung
Security testing is very important to assure a certain level of reliability in a system. On the system level, security testing has to guarantee that security requirements such as confidentiality, integrity, authentication, authorization, availability and non-repudiation hold. In this paper, we present an approach to system level security testing of service oriented systems that evaluates security requirements. Our approach is based on the Telling TestStories methodology for model-driven system testing. After the elicitation of security requirements, we define a system and a test model. The test model is then transformed to executable test code. We show how traceability between all artifacts can be established and how the tests can be executed focusing on security relevant aspects. All steps are explained based on an industrial case study.