The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Mobile devices such as smartphones and tablets are widely used for personal and business uses. Compared to personal mobile subscribers, enterprises have more concerns about mobile device security. The challenges an enterprise may face include unlimited access to corporate resources, lack of encryption on corporate data, unwillingness to backup data, etc. Many of these issues have been resolved by...
We focus on functional testing of enterprise applications with the goal of exercising an application's interesting behaviors by driving it from its user interface. The difficulty in doing this is focusing on the interesting behaviors among an unbounded number of behaviors. We present a new technique for automatically generating tests that drive a web-based application along interesting behaviors,...
In this paper, we study an issue related to the abstraction level of a meta-model through the example of a model-driven approach for specifying, deploying and testing security policies in Java applications. The issue we focus on is the balance between a "generic" meta-model and the semantics we want to attach to it, which ahs to be precise enough. The goal of the original work was to present...
In this paper, we consider typical applications in which the business logic is separated from the access control logic, implemented in an independent component, called the Policy Decision Point (PDP). The execution of functions in the business logic should thus include calls to the PDP, which grants or denies the access to the protected resources/functionalities of the system, depending on the way...
In a real world, it is often in a group setting that sensitive information has to be stored in databases of a server. Although personal information does not need to be stored in a server, the secret information shared by group members is likely to be stored there. The shared sensitive information requires more security and privacy protection. To our best knowledge, there is no paper which deals with...
This position paper proposes a research agenda for the field of security testing. It gives a critical account of the state of the art as seen by a practitioner and identifies questions that research failed to answer so far, or failed to answer in such a way that it would have had an impact in the real world. Three categories of research problems are proposed: theory of vulnerabilities, theory of security...
Collecting data on user activities is one of the fundamental middleware services in Web-enabled systems. The collected data is analyzed and used by various high-level services, like user profiling, accounting, security auditing, and system health monitoring. In this paper, we present architecture and performance evaluation of usage tracking components for service-oriented middleware systems. Presented...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.