SETAM: An Integrated Model for Software Security Testing Requirements Behavior

Cited by: 0
Authors
Hui, Zhanwei [1]
Huang, Song [1, 2]
Liu, Xiaoming [1, 2]
Hu, Bin [1, 2]
Affiliations
[1] Univ Sci & Technol, Software Testing & Evaluat Ctr PLA, Nanjing 210007, Jiangsu, Peoples R China
[2] PLA Software Test & Evaluat Ctr Mil Training, Nanjing 210007, Jiangsu, Peoples R China
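Funding
National High Technology Research and Development Program of China (863 Program)
Keywords
Security testing; Security Adversary testing; Security Use Cases; Misuse Cases
DOI
Not available
Chinese Library Classification
T [Industrial Technology]
Discipline classification code
08
Abstract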
Security requirements engineers usually only need to provide software security requirements (SSR), and they unnecessarily specify software security behavior mechanisms, which are critical not only for software security design but also for software security testing. After discussing the relations and differences between security use cases and misuse cases, and analyzing the relations among software security function testing, software security adversary testing and software security adversary testing, we provide an integrated model, SETAM, for software security testing requirements, which is based on security function testing use cases and adversary testing use cases. Finally, we compare them on different characteristics and, at the end of the paper, show our experimental results, which also illustrate the effectiveness of our model.
Pages: 4435 - 4442
Number of pages: 8