|
|||||
|
|
Security Attack Testing (SAT)—testing the security of information systems at design time |
|
| Authors: | Haralambos Mouratidis Paolo Giorgini |
| Affiliation: | aSchool of Computing and Technology, University of East London, UK bDepartment of Information and Communication Technology, University of Trento, Italy |
| Abstract: | For the last few years a considerable number of efforts have been devoted into integrating security issues into information systems development practices. This has led to a number of languages, methods, methodologies and techniques for considering security issues during the developmental stages of an information system. However, these approaches mainly focus on security requirements elicitation, analysis and design issues and neglect testing. This paper presents the Security Attack Testing (SAT) approach, a novel scenario-based approach that tests the security of an information system at the design time. The approach is illustrated with the aid of a real-life case study involving the development of a health and social care information system. |
| Keywords: | Information systems development methodology Integrating security and software engineering Scenarios Information system security testing |
| 本文献已被 ScienceDirect 等数据库收录! | |