RAILROADMAP: An agile security testing framework for web-application development

Seiji Munetoh; Nobukazu Yoshioka

doi:10.1109/ICST.2013.80

RAILROADMAP: An agile security testing framework for web-application development

Seiji Munetoh, Nobukazu Yoshioka

Research output: Contribution to conference › Paper › peer-review

2 Citations (Scopus)

Abstract

We propose a model-assisted security testing framework for developing Web applications. We devised a tool called 'RailroadMap' that automatically extracts a behavior model from the code base of Ruby-on-Rails. This model provides a unified point of view for analyzing security problems by representing an application's behavior, which includes all security functions and possible attack scenarios.

Original language	English
Pages	491-492
Number of pages	2
DOIs	https://doi.org/10.1109/ICST.2013.80
Publication status	Published - 2013
Externally published	Yes
Event	IEEE 6th International Conference on Software Testing, Verification and Validation, ICST 2013 - Luxembourg, Luxembourg Duration: 2013 May 18 → 2013 May 20

Conference

Conference	IEEE 6th International Conference on Software Testing, Verification and Validation, ICST 2013
Country/Territory	Luxembourg
City	Luxembourg
Period	13/5/18 → 13/5/20

ASJC Scopus subject areas

Software

Access to Document

10.1109/ICST.2013.80

Cite this

@conference{e67926f835f548568e6ddd65ad07ef13,

title = "RAILROADMAP: An agile security testing framework for web-application development",

abstract = "We propose a model-assisted security testing framework for developing Web applications. We devised a tool called 'RailroadMap' that automatically extracts a behavior model from the code base of Ruby-on-Rails. This model provides a unified point of view for analyzing security problems by representing an application's behavior, which includes all security functions and possible attack scenarios.",

author = "Seiji Munetoh and Nobukazu Yoshioka",

year = "2013",

doi = "10.1109/ICST.2013.80",

language = "English",

pages = "491--492",

note = "IEEE 6th International Conference on Software Testing, Verification and Validation, ICST 2013 ; Conference date: 18-05-2013 Through 20-05-2013",

}

TY - CONF

T1 - RAILROADMAP

T2 - IEEE 6th International Conference on Software Testing, Verification and Validation, ICST 2013

AU - Munetoh, Seiji

AU - Yoshioka, Nobukazu

PY - 2013

Y1 - 2013

N2 - We propose a model-assisted security testing framework for developing Web applications. We devised a tool called 'RailroadMap' that automatically extracts a behavior model from the code base of Ruby-on-Rails. This model provides a unified point of view for analyzing security problems by representing an application's behavior, which includes all security functions and possible attack scenarios.

AB - We propose a model-assisted security testing framework for developing Web applications. We devised a tool called 'RailroadMap' that automatically extracts a behavior model from the code base of Ruby-on-Rails. This model provides a unified point of view for analyzing security problems by representing an application's behavior, which includes all security functions and possible attack scenarios.

UR - http://www.scopus.com/inward/record.url?scp=84883372117&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84883372117&partnerID=8YFLogxK

U2 - 10.1109/ICST.2013.80

DO - 10.1109/ICST.2013.80

M3 - Paper

AN - SCOPUS:84883372117

SP - 491

EP - 492

Y2 - 18 May 2013 through 20 May 2013

ER -

RAILROADMAP: An agile security testing framework for web-application development

Abstract

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this