Title :
A Concept for Language-Oriented Security Testing
Author :
Zech, Philipp ; Felderer, Michael ; Farwick, Matthias ; Breu, Ruth
Author_Institution :
Inst. of Comput. Sci., Univ. of Innsbruck, Innsbruck, Austria
Abstract :
Today´s ongoing trend towards intense usage of web service based applications in daily business and everybody´s daily life poses new challenges for security testing. Additionally, such applications mostly not execute in their own runtime environment but instead are deployed in some data center, run alongside multiple other applications, and serve different purposes for sundry user domains with diverging security requirements. As a consequence, security testing also has to adapt to be able to meet the necessary requirements for each application in its domain and its specific security requirements. In addition, security testing needs to be feasible for both service providers and consumers. In our paper we identify drawbacks of existing security testing approaches and provide directions for meeting emerging challenges in future security testing approaches. We also introduce and describe the idea of language-oriented security testing, a novel testing approach building upon domain-specific languages and domain knowledge to meet future requirements in security testing.
Keywords :
Web services; high level languages; program testing; security of data; Web service based applications; domain knowledge; domain-specific languages; language-oriented security testing; software testing; Automation; Business; Cloud computing; Security; Testing; Domainspecific Language; Languageoriented Programming; Security Testing; Servicecentric Systems;
Conference_Titel :
Software Security and Reliability-Companion (SERE-C), 2013 IEEE 7th International Conference on
Conference_Location :
Gaithersburg, MD
Print_ISBN :
978-1-4799-2924-5
DOI :
10.1109/SERE-C.2013.16
