학술논문
Model-Checking Driven Security Testing of Web-Based Applications
Document Type
Conference
Source
2010 Third International Conference on Software Testing, Verification, and Validation Workshops Software Testing, Verification, and Validation Workshops (ICSTW), 2010 Third International Conference on. :361-370 Apr, 2010
Subject
Language
Abstract
Model checking and security testing are two verification techniques available to help finding flaws in security-sensitive, distributed applications. In this paper, we present an approach to security testing of web-based applications in which test cases are automatically derived from counterexamples found through model checking. We illustrate our approach by discussing its application against of the SAML-based Single Sign-On for Google Apps.