Verifying implementation of security design patterns using a test template

Masatoshi Yoshizawa, Takanori Kobashi, Hironori Washizaki, Yoshiaki Fukazawa, Takao Okubo, Haruhiko Kaiya, Nobukazu Yoshioka

研究成果: Conference contribution

5 被引用数 (Scopus)

抄録

Although security patterns contain security expert knowledge to support software developers, these patterns may be inappropriately applied because most developers are not security specialists, leading to threats and vulnerabilities. Here we propose a validation method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, which consists of the 'aspect test template' to observe the internal processing and the 'test case template'. Providing design information creates a test from the test template. Because a test template is recyclable, it can create easily a test, which can validate the security design patterns. As a case study, we applied our method to a web system. The result shows that our method can test repetition in the early stage of implementation, verify pattern applications, and assess whether vulnerabilities are resolved.

本文言語English
ホスト出版物のタイトルProceedings - 9th International Conference on Availability, Reliability and Security, ARES 2014
出版社Institute of Electrical and Electronics Engineers Inc.
ページ178-183
ページ数6
ISBN(電子版)9781479942237
DOI
出版ステータスPublished - 2014 12 9
イベント9th International Conference on Availability, Reliability and Security, ARES 2014 - Fribourg, Switzerland
継続期間: 2014 9 82014 9 12

出版物シリーズ

名前Proceedings - 9th International Conference on Availability, Reliability and Security, ARES 2014

Conference

Conference9th International Conference on Availability, Reliability and Security, ARES 2014
国/地域Switzerland
CityFribourg
Period14/9/814/9/12

ASJC Scopus subject areas

  • 安全性、リスク、信頼性、品質管理

フィンガープリント

「Verifying implementation of security design patterns using a test template」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル