Testing Security Properties of Web Services

by Achim D. Brucker

Today's large enterprise systems are service-oriented, i. e., they are built by composing independent components, called services, that encapsulate a certain business functionality. Service-oriented enterprise system impose many challenges in general and in particular with respect to their security. The dynamic nature of service-oriented systems as well as the fact that a service-oriented system is usually composed out of services from many different providers, makes these system a particular interesting target for model-based or specification-based testing approaches. In this talk, we will motivate the challenges of testing service-oriented systems in general and, in particular, we will present an approach for modeling and (conformance) testing security policies for Web services. Our approach is based on previous work in using HOL-TestGen for conformance testing of security policies.

Keywords:
Categories:
Documents:

QR Code for talk:brucker:ws-testing:2012.Please cite this article as follows:
Achim D. Brucker. Testing Security Properties of Web Services. Université Paris Sud, Paris, France, 2. may. 2012.
(slides) (handout) (BibTeX) (Share article on LinkedIn. Share article on CiteULike. )

BibTeX
@Talk{ talk:brucker:ws-testing:2012,
abstract = {Today's large enterprise systems are service-oriented, i. e., they are built by composing independent components, called services, that encapsulate a certain business functionality. Service-oriented enterprise system impose many challenges in general and in particular with respect to their security. The dynamic nature of service-oriented systems as well as the fact that a service-oriented system is usually composed out of services from many different providers, makes these system a particular interesting target for model-based or specification-based testing approaches. In this talk, we will motivate the challenges of testing service-oriented systems in general and, in particular, we will present an approach for modeling and (conformance) testing security policies for Web services. Our approach is based on previous work in using HOL-TestGen for conformance testing of security policies.},
address = {Paris, France},
author = {Achim D. Brucker},
day = {2},
event = {Universit{\'e} Paris Sud},
handout = {https://www.brucker.ch/bibliography/download/2012/talk-brucker-ws-testing-2012-2x2.pdf},
isodate = {2012-05-02},
language = {USenglish},
lecturer = {Achim D. Brucker},
month = {may},
slides = {https://www.brucker.ch/bibliography/download/2012/talk-brucker-ws-testing-2012.pdf},
title = {Testing Security Properties of Web Services},
url = {https://www.brucker.ch/bibliography/abstract/talk-brucker-ws-testing-2012},
year = {2012},
}