| 基于模糊测试的软件安全性测试框架的研究与设计 |
| |
| 引用本文: | 苑立娟,张育玉.基于模糊测试的软件安全性测试框架的研究与设计[J].煤炭技术,2010,29(8). |
| |
| 作者姓名: | 苑立娟 张育玉 |
| |
| 作者单位: | 1. 保定学院信息技术系,河北,保定,071000
2. 保定学院组织部,河北,保定,071000 |
| |
| 摘 要: | 在一个软件还未形成之前,测试工作已经介入,在这之前安全性问题是要考虑的重要元素之一。安全性测试在实物软件开发之前应该提前规划并开始实施。为了通过软件测试找出安全隐患,本文针对软件隐含的安全漏洞进行深入研究,将软件的安全漏洞测试工作分为安全性测试规划、伴随测试、整合测试3个阶段,概念性和动作性2个区域。模糊测试在测试中效率较高,适合安全漏洞测试,结合实践测试,提出基于模糊测试的软件安全性测试架构,在软件从无到有的整个过程中找出潜在的安全性问题,进而可以有效提升软件系统的安全性。
|
| 关 键 词: | 模糊测试 软件安全 测试框架 |
Research and Design of Software Security Testing Frame-work Based of Fuzz Testing |
| |
| YUAN Li-juan,ZHANG Yu-yu.Research and Design of Software Security Testing Frame-work Based of Fuzz Testing[J].Coal Technology,2010,29(8). |
| |
| Authors: | YUAN Li-juan ZHANG Yu-yu |
| |
| Abstract: | Before the software has not yet formed,the testing has been involved in,prior to this security problem is one of the important elements to consider.Security testing should be planned ahead before the physical software development.In order to identify security risks through software testing,software security vulnerabilities test is divided into security testing plan,along with testing,integration testing in three phases,conceptual and action of two regions.Fuzz is testing more efficient in testing,based on fuzzy test which is suitable for testing for security vulnerabilities and combined with practical test proposes software security testing frame-work so as to identify potential security issues in the whole software process and effectively enhance the security of the software systems. |
| |
| Keywords: | fuzz testing software security testing frame-work |
| 本文献已被 万方数据 等数据库收录! |
|
