Abstract | ||
---|---|---|
Security testing is a fundamental aspect in many common practices in the field of software testing. Still, the used standard security protocols are typically not questioned and not further analyzed in the testing scenarios. In this work we show that due to this practice, essential potential threats are not detected throughout the testing phase and the quality assurance process. We put our focus mainly on two fundamental problems in the area of security: The definition of the correct attacker model, as well as trusting the client when applying cryptographic algorithms. |
Year | DOI | Venue |
---|---|---|
2015 | 10.1109/ICSTW.2015.7107416 | Software Testing, Verification and Validation Workshops |
Keywords | Field | DocType |
cryptographic protocols,mobile computing,program testing,quality assurance,software quality,tls-ssl,correct attacker model,cryptographic algorithms,mobile applications,quality assurance process,security testing,software testing,standard security protocols,security,tls/ssl,testing,tls ssl,encryption,servers,mobile communication,protocols | Security testing,Cryptographic protocol,Computer science,Computer security,Software security assurance,Cryptography,Cryptographic primitive,Software performance testing,Attacker model,Quality assurance | Conference |
ISSN | Citations | PageRank |
2159-4848 | 1 | 0.37 |
References | Authors | |
3 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Peter Kieseberg | 1 | 187 | 29.39 |
Peter Frühwirt | 2 | 1 | 0.37 |
Sebastian Schrittwieser | 3 | 291 | 35.16 |
Edgar Weippl | 4 | 856 | 105.02 |