Web Applications Security Testing Evaluation
An important part of a good security software development program is the ability to determine how things are going. Therefore, it is important to track the results of testing and also apply metrics to this aim. A model to help in evaluating security testing in web applications is presented in this w...
Main authors: | Dasso, Aristides; Funes, Ana |
---|---|
Format: | Conference object |
Language: | English |
Published: | 2020 |
Subjects: | |
Online access: | http://sedici.unlp.edu.ar/handle/10915/116735 http://49jaiio.sadio.org.ar/pdfs/siiio/SIIIO-09.pdf |
Contributed by: | |
id | I19-R120-10915-116735 |
---|---|
record_format | dspace |
institution | Universidad Nacional de La Plata |
institution_str | I-19 |
repository_str | R-120 |
collection | SEDICI (UNLP) |
language | Inglés |
topic | Ciencias Informáticas Multicriteria decision methods LSP method Software security |
spellingShingle | Ciencias Informáticas Multicriteria decision methods LSP method Software security Dasso, Aristides Funes, Ana Web Applications Security Testing Evaluation |
topic_facet | Ciencias Informáticas Multicriteria decision methods LSP method Software security |
description | An important part of a good security software development program is the ability to determine how things are going. Therefore, it is important to track the results of testing and also apply metrics to this aim. A model to help in evaluating security testing in web applications is presented in this work. This model is based on the OWASP Web Security Testing Guide (WSTG) and the Logic Score of Preference (LSP) method. Using the LSP method we are able to construct a model that can be of help in assessing compliance with respect to the tenets of the Check List of the WSTG, during and after testing in an application development project. Since LSP is a multicriteria and multiattribute decision method that allows the creation of models that can give different relevance to the various features under evaluation, in this case –items in the WSTG Check List– it can help in deciding which item or items should be given more importance according to the needs of the project considered. |
format | Objeto de conferencia Objeto de conferencia |
author | Dasso, Aristides Funes, Ana |
author_facet | Dasso, Aristides Funes, Ana |
author_sort | Dasso, Aristides |
title | Web Applications Security Testing Evaluation |
title_short | Web Applications Security Testing Evaluation |
title_full | Web Applications Security Testing Evaluation |
title_fullStr | Web Applications Security Testing Evaluation |
title_full_unstemmed | Web Applications Security Testing Evaluation |
title_sort | web applications security testing evaluation |
publishDate | 2020 |
url | http://sedici.unlp.edu.ar/handle/10915/116735 http://49jaiio.sadio.org.ar/pdfs/siiio/SIIIO-09.pdf |
work_keys_str_mv | AT dassoaristides webapplicationssecuritytestingevaluation AT funesana webapplicationssecuritytestingevaluation |
bdutipo_str | Repositorios |
_version_ | 1764820446405984258 |