Posts

Showing posts from 2016

Security Testing - II - Web Testing - I

Security Testing - Web Testing

Attributes in Security Testing

1. Authentication - The process of denying and granting access to a network resource. Identifying the user before they access the system is called authentication.
2. Authorization - The process of giving permissions and restrictions to the users of the system. This is implemented through access lists and is user-role based and user-group based.
3. Confidentiality - The information and services are available only to the authorized and requested user.
4. Availability - Checks that the software application is available to the authorized users.
5. Integrity - This ensures that the information provided to the user is correct and up to date.
6. Non-repudiation - The process of tracking who accesses the systems and which requests are denied.
7. Resilience - This is the process of checking the ...

Security Testing - I - Web Testing - I

Security Testing - Web Testing

Security is a set of measures to protect an application against unpredictable actions that cause it to stop functioning. Security testing is a process intended to reveal flaws in the security mechanisms of an information system that protect data and maintain functionality as intended. This is a type of non-functional testing. To minimize defects and the cost of quality by identifying threats in the system, security testing must be started at an early stage of the software development life cycle. The following figure shows the relation between the software development life cycle and security testing.

The test plan should include: test scenarios and test cases related to security; test data related to the security test cases; and test tools for security testing and the test outputs from the different test tools.

Security Testing Approach

1. Identify all the business requirements, security goals ...