Web Applications Security Testing Evaluation

An important part of a good security software development program is the ability to determine how things are going. Therefore, it is important to track the results of testing and also apply metrics to this aim. A model to help in evaluating security testing in web applications is presented in this w...

Bibliographic Details
Main authors: Dasso, Aristides; Funes, Ana
Format: Conference object
Language: English
Published: 2020
Subjects:
Online access: http://sedici.unlp.edu.ar/handle/10915/116735
http://49jaiio.sadio.org.ar/pdfs/siiio/SIIIO-09.pdf
Contributed by:
id I19-R120-10915-116735
record_format dspace
institution Universidad Nacional de La Plata
institution_str I-19
repository_str R-120
collection SEDICI (UNLP)
language Inglés
topic Ciencias Informáticas
Multicriteria decision methods
LSP method
Software security
description An important part of a good security software development program is the ability to determine how things are going. Therefore, it is important to track the results of testing and also to apply metrics to this aim. A model to help in evaluating security testing in web applications is presented in this work. This model is based on the OWASP Web Security Testing Guide (WSTG) and the Logic Score of Preference (LSP) method. Using the LSP method we are able to construct a model that can help in assessing compliance with the tenets of the Check List of the WSTG, during and after testing in an application development project. Since LSP is a multicriteria and multiattribute decision method that allows the creation of models that can give different relevance to the various features under evaluation (in this case, items in the WSTG Check List), it can help in deciding which item or items should be given more importance according to the needs of the project considered.
format Objeto de conferencia
author Dasso, Aristides
Funes, Ana
title Web Applications Security Testing Evaluation