Proceedings ArticleDOI
A Concept for Language-Oriented Security Testing
Philipp Zech,Michael Felderer,Matthias Farwick,Ruth Breu +3 more
- pp 53-62
TLDR
The idea of language-oriented security testing is introduced, a novel testing approach building upon domain-specific languages and domain knowledge to meet future requirements in security testing.Abstract:
Today's ongoing trend towards intense usage of web service based applications in daily business and everybody's daily life poses new challenges for security testing. Additionally, such applications mostly not execute in their own runtime environment but instead are deployed in some data center, run alongside multiple other applications, and serve different purposes for sundry user domains with diverging security requirements. As a consequence, security testing also has to adapt to be able to meet the necessary requirements for each application in its domain and its specific security requirements. In addition, security testing needs to be feasible for both service providers and consumers. In our paper we identify drawbacks of existing security testing approaches and provide directions for meeting emerging challenges in future security testing approaches. We also introduce and describe the idea of language-oriented security testing, a novel testing approach building upon domain-specific languages and domain knowledge to meet future requirements in security testing.read more
Citations
More filters
Proceedings Article
SOA in Practice.
TL;DR: From the combination of knowledge and actions, someone can improve their skill and ability and this will lead them to live and work much better.
Journal ArticleDOI
Knowledge-based security testing of web applications by logic programming
TL;DR: The method and its model-based tool implementation are evaluated in two studies, which show the method’s effectiveness in detecting vulnerabilities in web applications and thus, also its value in making software system more secure.
References
More filters
Journal ArticleDOI
A view of cloud computing
Michael Armbrust,Armando Fox,Rean Griffith,Anthony D. Joseph,Randy H. Katz,Andy Konwinski,Gunho Lee,David A. Patterson,Ariel Rabkin,Ion Stoica,Matei Zaharia +10 more
TL;DR: The clouds are clearing the clouds away from the true potential and obstacles posed by this computing capability.
Book
Foundations of logic programming
TL;DR: This is the second edition of an account of the mathematical foundations of logic programming, which collects, in a unified and comprehensive manner, the basic theoretical results of the field, which have previously only been available in widely scattered research papers.
Journal ArticleDOI
An empirical study of the reliability of UNIX utilities
TL;DR: The following section describes the tools built to test the utilities, including the fuzz (random character) generator, ptyjig (to test interactive utilities), and scripts to automate the testing process.
Journal ArticleDOI
A Taxonomy of Model Transformation
Tom Mens,Pieter Van Gorp +1 more
TL;DR: In this paper, a taxonomy of model transformation is proposed based on the discussions of a working group on model transformation of the Dagstuhl seminar on Language Engineering for Model-Driven Software Development.
Book
Domain-specific languages
TL;DR: This book covers a variety of different techniques available for DSLs and can be used with whatever programming language you happen to be using, most of the examples are in Java or C#.