Model-Checking Driven Security Testing of Web-Based Applications

Authors:
Alessandro Armando;Roberto Carbone;Luca Compagna;Keqin Li;Giancarlo Pellegrino
Affiliations:
-;-;-;-;-
Venue:
ICSTW '10 Proceedings of the 2010 Third International Conference on Software Testing, Verification, and Validation Workshops
Year:
2010

Citing 0
Cited 3

From model-checking to automated testing of security protocols: bridging the gap

TAP'12 Proceedings of the 6th international conference on Tests and Proofs
SETER: Towards Architecture-Model Based Security Engineering

International Journal of Secure Software Engineering
Modeling test cases for security protocols with SecureMDD

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

Model checking and security testing are two verification techniques available to help finding flaws in security-sensitive, distributed applications. In this paper, we present an approach to security testing of web-based applications in which test cases are automatically derived from counterexamples found through model checking. We illustrate our approach by discussing its application against of the SAML-based Single Sign-On for Google Apps.