Implementation Support of Security Design Patterns Using Test Templates

Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for s...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Information (Basel) Ročník 7; číslo 2; s. 34
Hlavní autoři: Yoshizawa, Masatoshi, Washizaki, Hironori, Fukazawa, Yoshiaki, Okubo, Takao, Kaiya, Haruhiko, Yoshioka, Nobukazu
Médium: Journal Article
Jazyk:angličtina
Vydáno: MDPI AG 15.06.2016
Témata:
aspect-oriented programming
model-based testing
security patterns
test-driven development
ISSN:2078-2489, 2078-2489
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an “aspect test template” to observe the internal processing and a “test case template”. Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation.
ISSN:2078-2489
2078-2489
DOI:10.3390/info7020034