Agile Security Testing of Web-Based Systems via HTTPUnit

Denver, Colorado July 24-July 29

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ADC.2005.11

Agile Development Conference (ADC'05)

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by A. Tappenden Articles by P. Beatty Articles by J. Miller

	ASCII Text	x
	A. Tappenden, P. Beatty, J. Miller, "Agile Security Testing of Web-Based Systems via HTTPUnit," Agile Development Conference/Australasian Database Conference, pp. 29-38, Agile Development Conference (ADC'05), 2005.

	BibTex	x
	@article{ 10.1109/ADC.2005.11, author = {A. Tappenden and P. Beatty and J. Miller}, title = {Agile Security Testing of Web-Based Systems via HTTPUnit}, journal ={Agile Development Conference/Australasian Database Conference}, volume = {0}, year = {2005}, isbn = {0-7695-2487-7}, pages = {29-38}, doi = {http://doi.ieeecomputersociety.org/10.1109/ADC.2005.11}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Agile Development Conference/Australasian Database Conference TI - Agile Security Testing of Web-Based Systems via HTTPUnit SN - 0-7695-2487-7 SP29 EP38 A1 - A. Tappenden, A1 - P. Beatty, A1 - J. Miller, PY - 2005 KW - null VL - 0 JA - Agile Development Conference/Australasian Database Conference ER -

A. Tappenden, University of Alberta, Canada

P. Beatty, University of Alberta, Canada

J. Miller, University of Alberta, Canada

The technological advancements of web-based systems and the shift to iterative and evolutionary development processes have given rise to the idea of agile security testing, where the principles and practices of agile testing are applied to the domain of security testing. This paper explores common vulnerabilities for web applications and proposes two synergistic approaches for mitigating them. The first approach is to employ a highly testable architecture in the development of web-based systems, and the second is to support the security testing process using the open source unit testing framework HTTPUnit. The overall testing strategy mingles well with agile development efforts and gives the development team an opportunity to produce applications that have the "right" functionality and the "right" level of security.

Citation:

A. Tappenden, P. Beatty, J. Miller, "Agile Security Testing of Web-Based Systems via HTTPUnit," adc, pp.29-38, Agile Development Conference (ADC'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.