Skip to Main Content

IEEE.org| IEEE Xplore Digital Library| IEEE Standards| IEEE Spectrum| More Sites

Cart (Loading....) | Create Account | Sign In

Author Search^beta | Advanced Search | Preferences | | More Search Options

Browse Conference Publications > Software Testing, Verificatio ...

Model-Checking Driven Security Testing of Web-Based Applications

Full Text Sign-In or Purchase

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Username

Password

Purchase PDF
Other Formats

Formats	Non-Member	Member
PDF	$31	$13

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

Already Purchased? View Article
Subscription Options Learn More

5 Author(s)

Armando, A. ; DIST, Univ. of Genova, Genova, Italy ; Carbone, R. ; Compagna, L. ; Keqin Li
more authors

Model checking and security testing are two verification techniques available to help finding flaws in security-sensitive, distributed applications. In this paper, we present an approach to security testing of web-based applications in which test cases are automatically derived from counterexamples found through model checking. We illustrate our approach by discussing its application against of the SAML-based Single Sign-On for Google Apps.

Published in:
Software Testing, Verification, and Validation Workshops (ICSTW), 2010 Third International Conference on

Date of Conference: 6-10 April 2010

Page(s):: 361 - 370
Print ISBN:: 978-1-4244-6773-0
INSPEC Accession Number:: 11305357

Conference Location :: Paris
Digital Object Identifier :: 10.1109/ICSTW.2010.54

Author(s)

Armando, A.
DIST, Univ. of Genova, Genova, Italy
Carbone, R. ; Compagna, L. ; Keqin Li ; Pellegrino, G.

INSPEC: CONTROLLED INDEXING

Internet

distributed processing

program testing

program verification

security of data

INSPEC: NON CONTROLLED INDEXING

Google Apps

SAML-based single sign-on

Web-based application

distributed application

model checking

security testing

security-sensitive application

test case

verification technique

AUTHOR KEYWORDS

model checking

security testing

web-based applications

IEEE TERMS

Application software

Authorization

Automatic testing

Information security

Isolation technology

Logic

Phase detection

Protocols

Software testing

System testing

Referenced Items are not available for this document.

No versions found for this document.

Standards Dictionary Terms are available to subscribers only.

| Create Account

IEEE Account

Purchase Details

Profile Information

Need Help?

US & Canada: +1 800 678 4333
Worldwide: +1 732 981 0060
Contact & Support

IEEE Advancing Technology for Humanity

About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.