Object-Based Data Flow Testing of Web Applications
APAQS '00 Proceedings of the First Asia-Pacific Conference on Quality Software (APAQS'00)
Web Engineering: Principles And Techniques
Web Engineering: Principles And Techniques
Testing Web Services by XML Perturbation
ISSRE '05 Proceedings of the 16th IEEE International Symposium on Software Reliability Engineering
An agent-based data-flow testing approach for Web applications
Information and Software Technology
Data flow analysis and testing of JSP-based Web applications
Information and Software Technology
Model-Based Security Vulnerability Testing
ASWEC '07 Proceedings of the 2007 Australian Software Engineering Conference
A Three-Tiered Testing Strategy for Cookies
ICST '08 Proceedings of the 2008 International Conference on Software Testing, Verification, and Validation
Visualization and Dependency Analysis for Linkage Structures in Web Applications
ICIW '09 Proceedings of the 2009 Fourth International Conference on Internet and Web Applications and Services
Web Verification: Perspective and Challenges
Electronic Notes in Theoretical Computer Science (ENTCS)
Web-based applications are the most prevalent form of software system and are widely used in industry and society. However, their security problems cause users serious trouble, such as system crashes and economic loss, and have therefore attracted much attention in both the academic and industrial communities. Although existing research has discussed these problems, it mainly focuses on specific security flaws and fails to provide overall testing guidance. This paper first proposes an overall security testing framework for Web-based applications. It then carries out security testing of a real-world Web application and reports the corresponding experience. Test results show that the security testing framework provides effective direction for testing practice and reveals valuable security flaws.