SETAM: An Integrated Model for Software Security Testing Requirements Behavior

Cited by: 0
Authors
Hui, Zhanwei [1]
Huang, Song [1, 2]
Liu, Xiaoming [1, 2]
Hu, Bin [1, 2]
Affiliations
[1] Univ Sci & Technol, Software Testing & Evaluat Ctr PLA, Nanjing 210007, Jiangsu, Peoples R China
[2] PLA Software Test & Evaluat Ctr Mil Training, Nanjing 210007, Jiangsu, Peoples R China
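Funding
National High Technology Research and Development Program of China (863 Program)
Keywords
Security testing; Security Adversary testing; Security Use Cases; Misuse Cases
DOI
Not available
Chinese Library Classification number
T [Industrial Technology]
Discipline classification code
08
Abstract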
Security requirements engineers usually only need to provide software security requirements (SSR), and they unnecessarily specify software security behavior mechanisms, which are critical not only for software security design but also for software security testing. After discussing the relations and differences between security use cases and misuse cases, and analyzing the relation among software security function testing, software security adversary testing and software security adversary testing, we provide an integrated model, SETAM, for software security testing requirements, which is based on security function testing use cases and adversary testing use cases. And at last, we compare them on different characteristics, and show our experiment results at the end of our paper, which would also illustrate the effectiveness of our model.
Pages: 4435-4442
Page count: 8