Testing the
Security of Web-Based Sales Services
José García-Fanjul, Ángel Goitia, Javier Tuya, José AA. Corrales
In: International Conference on Information Systems Analysis and Synthesis,
Orlando, Florida, 1999
(ps.zip)
Abstract
Testing is one of the essential phases of systems development, yet it is an
especially important one when it comes to security issues. On regular
information systems this is a recognized fact, but for Web-based sales services
the voice of users has clearly stated they will not participate on an insecure
market. Therefore we have to double our efforts on the testing phase and
discover bugs that would compromise the privacy or security of the system.
The interest of our group is on the development of Web-based sales services,
specially regarding the modeling. Funded under CYBERMERCADO project, we have
produced a model to develop Web-based sales services called CITIES. The final
phases of our work included a research of possible security breaches for the
implemented prototypes and this paper summarizes the results of our research.
Index - Testing
- Personal Page