Loading

Framework for Testing the Security of Application Software at Design Phase
Neha Mahendra1, Mohammad Muqeem2

1Mrs. Neha Mahendra, Ph.D. in Computer Application from Integral University, Lucknow, U.P., India.
2Dr. Mohammad Muqeem, Associate Professor in the department of Computer Application, Integral University, Lucknow, UP, India.
Manuscript received on 26 August 2019. | Revised Manuscript received on 02 September 2019. | Manuscript published on 30 September 2019. | PP: 4039-4049 | Volume-8 Issue-11, September 2019. | Retrieval Number: K14880981119/2019©BEIESP | DOI: 10.35940/ijitee.K1488.0981119
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: Software security testing is essential to reveal the weaknesses in the security of the system. The security level of the software must be assessed properly and timely so that the security breaches can be prevented to occur otherwise they harm the system. Security testing during designing the software will be advantageous to reduce the rework and expenses required if it will be found insecure after the implementation. Security testing can be achieved efficiently through proper framework at the early stages of software development. Security can be checked at the initial level by taking inputs at the requirement phase and design phase so that loopholes can be found and the propagation of vulnerabilities can be prevented. At requirement phase security requirements can be filtered and then at the next phase designing artifacts can be inspected for security errors. A metric is designed which will grade the software under test and state that whether the system is secured at the proper level or not. In this paper a framework is proposed which is based on metric and the validation of the metric is done through the Weyuker’s property.
Keywords: Security testing framework, requirement phase, design phase, software development life cycle, security metric.
Scope of the Article: Software and System Testing Methods