Paper Info
Title
Mitigating Security Risks in Systems that Support Pervasive Services and Computing: Access-Driven Verification, Validation and Testing
Abstract
Unique operational and environmental characteristics define pervasive services and computing; they, too, define an ideal atmosphere in which security risks flourish. Ever-present accessibility through the networked and wireless infrastructures, dependency on autonomous and often anonymous computing agents, and the ubiquitous nature of pervasive services make them both enticing and easy targets for ill-intentioned activities. To help mitigate that risk, we propose an adaptive, access-driven verification, validation and testing (VV&T) strategy that, through a Process/Object Model of Computation, (a) identifies those resources and software objects most susceptible to attack, (b) enumerates violable constraints and assumptions underlying those attacks, and (c) provides multi-level strategies incorporating resources, software objects, and constraints and assumptions to determine if, and to what extent, systems supporting pervasive computing are vulnerable to security exploits. The VV&T strategies are defined to accommodate various levels of access to the software development process and its artifacts.
Year
DOI
Venue
2007
10.1109/PERSER.2007.4283900
ICPS
Keywords
Field
DocType
information security,testing,application software,ubiquitous computing,computer networks,exploits,object oriented programming,computational modeling,computer science,object model,system testing,verification,pervasive computing,software testing,vulnerabilities,computer security,software development process
Object-oriented programming,Verification and validation,Computer security,Computer science,Object model,Exploit,Context-aware pervasive systems,Software,Software development process,Ubiquitous computing
Conference
Citations 
PageRank 
References 
1
0.35
8
Authors
4
Name
Order
Citations
PageRank
James D. Arthur124228.49
Anil Bazaz2172.47
Richard E. Nance3597114.92
Osman Balci4872175.02