A model based testing method for Software Security Assurance
Journal Title: International Journal for Research in Applied Science and Engineering Technology (IJRASET) - Year 2016, Vol 4, Issue 4
Abstract
The importance of software security assurance is growing, but traditional development techniques have not kept pace with this need. New cost-effective tools for software quality and security assurance (SSA) are needed. This is consistent with the possible harm that could be result from the loss, incorrectness, alteration, unavailability, or misuse of the data and resources that uses, controls, and protects. This testing likes a penetration testing model to test the given software model. A penetration test can help verify whether a system is vulnerable to attack, if the defenses were sufficient, and which defenses the test defeated. Given a software model convert into Model-Implementation Description specification. The MID specification uses Petri net to capture both control and data-related requirements for functional testing, access control testing and penetration (pen test) testing with threat models. This model generates test code that can be executed quickly with the implementation under test, presents an automated test generation technique for integrated functional and security level testing of software systems. After generating test cases from the test model according to a given criterion, test code converts the test cases into executable test code by mapping model-level elements into implementation-level constructor. MISTA has implemented test generators for various test coverage criteria of test models, code generators for various scripting and programming languages, and test execution environments such as Java, C, C#, php, visual basic and HTML-Selenium IDE. MISTA has been applied to the functional and security testing of various real-world software systems. Security level testing based on the security assurance components are authentication, authorization, confidentially, availability, integrity and non-repudiation.
Authors and Affiliations
R. Nivesh, Dr. C. Chellappan
Keywords
Related Articles
- EP ID EP22068
- DOI -
- Views 203
- Downloads 4
Experimental Investigation of Industrial by - Products Concrete Filled Mild Steel Tubular Columns with GFRP Wrapping
Concrete filled steel tubular columns are becoming widely used in engineering. Composite structural members provide a cost-effective alternative to traditional structural steel or reinforced concrete columns. The use of...
Performance of Fiber Reinforced Concrete from Recycled Pet Plastic Waste- A Study Review
Concrete is a composite material consisting of various ingredients such as cement, coarse aggregate, fine aggregate and has done wonders in the construction industry. The recent use of the concrete has constrained many...
slugIdentification of Suitable Site for Possible Ground Water Recharge in South-West District of Delhi
India is endowed with a rich and vast diversity of natural resources, water being one of them. The Average Annual Runoff available in India is 1869 BCM (Billion Cubic Meter) of which only 1123 BCM is estimated as utiliz...
Intelligent Speed Observing in Transportation system Using ARM 9
Radio Frequency Identification (RFID) has attracted considerable attentions in recent years for its broad applications and complements to the current GPS navigation system when GPS signals are not available But in pract...
Synthesis of POA and study of its conducting and gas sensing properties
In this work, the poly (o-anisidine) (POA) powder was synthesized by chemical synthesis route. The resulting POA powder was characterized by UV-Visible absorption spectroscopy. A pellet of synthesized powder was prepare...