SETAM: An Integrated Model for Software Security Testing Requirements Behavior

被引:0
|
作者
Hui, Zhanwei [1 ]
Huang, Song [1 ,2 ]
Liu, Xiaoming [1 ,2 ]
Hu, Bin [1 ,2 ]
机构
[1] Univ Sci & Technol, Software Testing & Evaluat Ctr PLA, Nanjing 210007, Jiangsu, Peoples R China
[2] PLA Software Test & Evaluat Ctr Mil Training, Nanjing 210007, Jiangsu, Peoples R China
来源
INFORMATION-AN INTERNATIONAL INTERDISCIPLINARY JOURNAL | 2012年 / 15卷 / 11A期
基金
国家高技术研究发展计划(863计划);
关键词
Security testing; Security Adversary testing; Security Use Cases; Misuse Cases;
D O I
暂无
中图分类号
T [工业技术];
学科分类号
08 ;
摘要
Security requirements engineers usually only need to provide software security requirements (SSR), and they unnecessarily specify software security behavior mechanisms, which are critical not only for software security design but also for software security testing. After discussing the relations and differences between security use cases and misuse cases, and analyzing the relation among software security function testing, software security adversary testing and software security adversary testing, we provide an integrated model, SETAM, for software security testing requirements, which is based on security function testing use cases and adversary testing use cases. And at last, we compare them on different characteristics, and show our experiment results at the end of our paper, which would also illustrate the effectiveness of our model.
引用
收藏
页码:4435 / 4442
页数:8
相关论文
共 50 条
  • [1] An Integrated Model for Software Security Testing Requirements
    Hui, Zhanwei
    Huang, Song
    Liu, Xiaoming
    Rao, Liping
    FRONTIERS OF MANUFACTURING AND DESIGN SCIENCE II, PTS 1-6, 2012, 121-126 : 1891 - 1895
  • [2] Comparison of SETAM with Security Use Case and Security Misuse Case:A Software Security Testing Study
    HUI Zhanwei1
    2.PLA Military Training Software Test and Evaluation Centre
    WuhanUniversityJournalofNaturalSciences, 2012, 17 (06) : 516 - 520
  • [3] The security requirements behavior model for trustworthy software
    Saleh, Kassem
    Habil, Maryam
    2008 INTERNATIONAL MCETECH CONFERENCE ON E-TECHNOLOGIES, PROCEEDINGS, 2007, : 235 - +
  • [4] Benchmark Requirements for Assessing Software Security Vulnerability Testing Tools
    Parizi, Reza M.
    Qian, Kai
    Shahriar, Hossain
    Wu, Fan
    Tao, Lixin
    2018 IEEE 42ND ANNUAL COMPUTER SOFTWARE AND APPLICATIONS CONFERENCE (COMPSAC), VOL 1, 2018, : 825 - 826
  • [5] An approach to analyze software security requirements in ABAC model
    Thanh-Nhan Luong
    Dinh-Hieu Vo
    Ninh-Thuan Truong
    PROCEEDINGS OF 2019 6TH NATIONAL FOUNDATION FOR SCIENCE AND TECHNOLOGY DEVELOPMENT (NAFOSTED) CONFERENCE ON INFORMATION AND COMPUTER SCIENCE (NICS), 2019, : 184 - 189
  • [6] Comodeling: From Requirements to an Integrated Software/Hardware Model
    Myers, Toby
    Dromey, R. Geoff
    Fritzson, Peter
    COMPUTER, 2011, 44 (04) : 62 - 70
  • [7] Software Testing Model Study Based on Requirements Change
    Liu, Shuping
    Pang, Ling
    PROCEEDINGS OF 2008 INTERNATIONAL PRE-OLYMPIC CONGRESS ON COMPUTER SCIENCE, VOL I: COMPUTER SCIENCE AND ENGINEERING, 2008, : 230 - 233
  • [8] Risk-Based Security Requirements Model for Web Software
    Ezenwoye, Onyeka
    Liu, Yi
    2022 IEEE 30TH INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE WORKSHOPS (REW), 2022, : 232 - 237
  • [9] Security requirements for software development
    Kim, TH
    Shin, MC
    Kim, SH
    Cha, JS
    KNOWLEDGE-BASED INTELLIGENT INFORMATION AND ENGINEERING SYSTEMS, PT 3, PROCEEDINGS, 2004, 3215 : 116 - 122
  • [10] Precluding incongruous behavior by aligning software requirements with security and privacy policies
    Antón, AI
    Earp, JB
    Carter, RA
    INFORMATION AND SOFTWARE TECHNOLOGY, 2003, 45 (14) : 967 - 977
12345