Cookies: A deployment study and the testing implications
ACM Transactions on the Web (TWEB)
Practical elimination of external interaction vulnerabilities in web applications
Journal of Web Engineering
Engineering a distributed e-voting system architecture: meeting critical requirements
ISARCS'10 Proceedings of the First international conference on Architecting Critical Systems
Mitigating program security vulnerabilities: Approaches and challenges
ACM Computing Surveys (CSUR)
Automated cookie collection testing
ACM Transactions on Software Engineering and Methodology (TOSEM)
A case study on bypass testing of web applications
Empirical Software Engineering
The technological advancements of web-based systems and the shift to iterative and evolutionary development processes have given rise to the idea of agile security testing, where the principles and practices of agile testing are applied to the domain of security testing. This paper explores common vulnerabilities for web applications and proposes two synergistic approaches for mitigating them. The first approach is to employ a highly testable architecture in the development of web-based systems, and the second is to support the security testing process using the open source unit testing framework HTTPUnit. The overall testing strategy mingles well with agile development efforts and gives the development team an opportunity to produce applications that have the "right" functionality and the "right" level of security.