Skip to main content

Model-based Approach to Security Test Automation

Security functional testing is a costly activity typically
performed by security evaluation laboratories. These
laboratories have struggled to keep pace with increasing
demand to test numerous product variations. This paper
summarizes the results of applying a model-based
approach to automate security functional testing. The
approach involves developing models of security function
specifications (SFS) as the basis for automatic test vector
and test driver generation. In the application, security
properties were modeled and the resulting tests were
executed against Oracle and Interbase database engines
through a fully automated process. The findings indicate
the approach, proven successful in a variety of other
application domains, provides a promising approach to
security functional testing.


Software security is a software quality issue that continues
to grow in importance as software systems manage continually
increasing amounts of critical corporate and personal
information. The use of the Internet to manage and exchange
this data has heightened the need for secure software
architectures, especially Internet-based architectures. At the
same time, shortened development and deployment cycles for
software make it difficult to conduct adequate security
functional testing to verify whether software systems exhibit
the expected security behavior.
Post a Comment

Popular posts from this blog

Compact and Repair an Access Database. Add Ref. to : AdoDb, Jro

< ?xml version="1.0" encoding="utf-8" ?>

using ADODB;
using JRO;
using System.Configuration;
using System.Data.OleDb;
using System.IO;

public class CompactAndRepairAccessDb : System.Windows.Forms.Form
private System.ComponentModel.Container components = null;
private JRO.JetEngine jro;
private System.Windows.Forms.Button btnConfirm;
private System.Windows.Forms.TextBox tbxOriginalDbSize;
private System.Windows.Forms.TextBox tbxCompactedDbSize;
private OleDbConnection cnn;

public CompactAndRepairAccessDb() {

FileInfo fi = new FileInfo( ConfigurationSettings.AppSettings["PathOriginal"] );
int s = Convert.ToInt32( fi.Length/1000 );
this.tbxOriginalDbSize.Text = s.ToString() + " kb";

private void btnConfirm_Click(object sender, System.EventArgs e) {
// First close all instances of the database

Creating ISO images with Nero 5.5 Express

Mark Michaelis' Weblog - August, 2003: "Creating ISO images with Nero 5.5 Express

I recently set up an old computer for my son, Benjamin, as he keeps messing up my wifes desktop and then I have to figure out how to get it back to the way she wants it. Anyway, as part of doing this I didn't want my son putting CDs in and out of the computer as he tends to scratch them. Instead, I decided to create ISO images of them and have him use them directly from the computer using Daemon-Tools. The problem, was how to create ISO images? I had a copy of Nero Express 5.5 but it took me some time to figure out exactly how to get it to make ISO images. (If you happen to have the full version of Nero you can find instructions for creating ISO images here.)

Here are the steps for Nero Express 5.5:

1. Launch Nero Express 5.5 (yes there is a 6 version out there but I don't have it.)
2. Select the Copy Entire Disk option.
3. Click the More>> button.
4. Click the Configure…