Abstract
Early identification of defects and prevention of defect migration are key goals of the software security testing process. Early integration of security testing activities into the development lifecycle leads to secure software development. The prescribed key activities of security testing are closely interconnected with the security development life cycle to deliver secure software. A software test process elaborates the various testing activities and describes which activity is to be carried out when. Given the need for and significance of a phased approach to security testing, this paper proposes different testing activities to be carried out while integrating security testing into the security development life cycle.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Khan, S.A., Khan, R.A. (2013). Software Security Testing Process: Phased Approach. In: Agrawal, A., Tripathi, R.C., Do, E.YL., Tiwari, M.D. (eds) Intelligent Interactive Technologies and Multimedia. IITM 2013. Communications in Computer and Information Science, vol 276. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37463-0_19
DOI: https://doi.org/10.1007/978-3-642-37463-0_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-37462-3
Online ISBN: 978-3-642-37463-0
eBook Packages: Computer Science, Computer Science (R0)