Referenced Items are not available for this document.
The automatic testing tools of component security bring great effect on component-based software engineering, and they can effectively ensure the security of component-based software. A prototype tool named CSTS (component security testing system) is designed and implemented to test the security of the widely-used COTS (Commercial-off-the-Shelf) Microsoft COM (component object model) component. CSTS, a GUI (graphical user interface) software, adopts both static and dynamic testing based on fault injection and dynamic monitoring. Firstly, CSTS analyzes component type information and statically injects parameter faults into interface methods. Secondly, environment faults such as memory fault, file fault and process fault are injected into the tested component when the component is driven. Dynamic monitoring mechanism can monitor the running process of component and analyze the component security exceptions. Some commercial components were tested in the CSTS. The experimental results show that CSTS is effective and operable.
Published in:
Hybrid Intelligent Systems, 2009. HIS '09. Ninth International Conference on
(Volume:3
)
Date of Conference: 12-14 Aug. 2009
- Page(s):
- 83 - 88
- Print ISBN:
- 978-0-7695-3745-0
- INSPEC Accession Number:
- 10891325
- Conference Location :
- Shenyang
- Digital Object Identifier :
- 10.1109/HIS.2009.229
- Product Type:
- Conference Publications
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
