Skip to main content

Model-based Approach to Security Test Automation

Security functional testing is a costly activity typically
performed by security evaluation laboratories. These
laboratories have struggled to keep pace with increasing
demand to test numerous product variations. This paper
summarizes the results of applying a model-based
approach to automate security functional testing. The
approach involves developing models of security function
specifications (SFS) as the basis for automatic test vector
and test driver generation. In the application, security
properties were modeled and the resulting tests were
executed against Oracle and Interbase database engines
through a fully automated process. The findings indicate
the approach, proven successful in a variety of other
application domains, provides a promising approach to
security functional testing.


Software security is a software quality issue that continues
to grow in importance as software systems manage continually
increasing amounts of critical corporate and personal
information. The use of the Internet to manage and exchange
this data has heightened the need for secure software
architectures, especially Internet-based architectures. At the
same time, shortened development and deployment cycles for
software make it difficult to conduct adequate security
functional testing to verify whether software systems exhibit
the expected security behavior.
Post a Comment

Popular posts from this blog

Compact and Repair an Access Database. Add Ref. to : AdoDb, Jro

< ?xml version="1.0" encoding="utf-8" ?>

using ADODB;
using JRO;
using System.Configuration;
using System.Data.OleDb;
using System.IO;

public class CompactAndRepairAccessDb : System.Windows.Forms.Form
private System.ComponentModel.Container components = null;
private JRO.JetEngine jro;
private System.Windows.Forms.Button btnConfirm;
private System.Windows.Forms.TextBox tbxOriginalDbSize;
private System.Windows.Forms.TextBox tbxCompactedDbSize;
private OleDbConnection cnn;

public CompactAndRepairAccessDb() {

FileInfo fi = new FileInfo( ConfigurationSettings.AppSettings["PathOriginal"] );
int s = Convert.ToInt32( fi.Length/1000 );
this.tbxOriginalDbSize.Text = s.ToString() + " kb";

private void btnConfirm_Click(object sender, System.EventArgs e) {
// First close all instances of the database

VBScript to Automate login into gmail

Dim IE
Dim crtScreen
Set IE = CreateObject("InternetExplorer.Application")
USERNAME = "saudaziz"

With IE
.navigate ""
End With

'wait a while until IE as finished to load
Do while IE.busy
set WshShell = WScript.CreateObject("WScript.Shell")
Do While UCase(IE.Document.readyState) <> "COMPLETE"
WScript.Sleep 100
set WshShell=nothing
IE.document.all.Item("Email").value = USERNAME
IE.document.all.Item("pASSWD").value =pASSWORD
Set IE = Nothing