The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This paper presents a framework for vulnerabilities detection of business logic in the software design phase. First, model the business logic in the design phase finite state machine, and extract relevant business processes from the model. Calculate the similarity degree between attack pattern and the business processes. Thus, find out if there are some vulnerabilities in the business logic and generate...
This paper presents an attack scenario based approach for software security testing at design stage. Attack scenarios are represented as extended activity diagram (EAD) and new unified threat model (NUTM). Security test cases are derived from attack scenarios automatically according to coverage criteria of complex attack path. These test cases are applied to test the security of system. According...
This paper presents a unified threat model for assessing threat in web applications. We extend the threat tree model with more semantic and context information about threat to form the new model which is used to analyze and evaluate threat in the software design stage. We utilize historical statistical information contained in this model to design threat mitigation schemes. The threat assessing results...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.