
Security Testing - II - Web Testing - I

Security Testing - Web Testing 

Attributes in Security Testing



1. Authentication
The process of granting or denying access to a network resource. Identifying the user before they access the system is called authentication.

2. Authorization 
The process of giving permissions and restrictions to the users of the system. This is implemented through access lists, user roles, and user groups.

3. Confidentiality
Information and services are available only to the authorized, requesting user.

4. Availability  
Availability testing checks that the software application is available to authorized users.

5. Integrity 
This ensures that the information provided to the user is correct and up to date.

6. Non-repudiation 
The process of tracking who accesses the system and which requests are denied.

7. Resilience 
The process of checking that the system is resistant to attacks. This is implemented by using encryption and two-layer authentication.
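
Authentication, authorization and the tracking of denied requests described above can be exercised together in one test run. The following is an added example, not code from the original post: a toy gateway that identifies the user, decides access through an access list, roles and groups, and records every decision. All users, secrets, resources and function names are constructed for illustration.

```python
import hmac
from dataclasses import dataclass, field

# Constructed sample data; every user, secret and resource is hypothetical.
USERS = {"alice": "s3cret-A", "bob": "s3cret-B"}
ACL = {"/reports/q1": {"bob"}}                       # per-resource access list
USER_ROLES = {"alice": {"admin"}, "bob": {"viewer"}}
ROLE_PERMS = {"admin": {"/admin"}, "viewer": {"/dashboard"}}
USER_GROUPS = {"alice": {"finance"}, "bob": set()}
GROUP_PERMS = {"finance": {"/payroll"}}

@dataclass
class Gateway:
    audit_log: list = field(default_factory=list)

    def authenticate(self, user, password):  # identify the user first
        expected = USERS.get(user)
        return expected is not None and hmac.compare_digest(expected.encode(), password.encode())

    def authorize(self, user, resource):  # access list, role or group must grant it
        return (user in ACL.get(resource, set())
                or any(resource in ROLE_PERMS.get(r, set()) for r in USER_ROLES.get(user, set()))
                or any(resource in GROUP_PERMS.get(g, set()) for g in USER_GROUPS.get(user, set())))

    def request(self, user, password, resource):
        if not self.authenticate(user, password):
            decision = "DENY_AUTHN"
        else:
            decision = "ALLOW" if self.authorize(user, resource) else "DENY_AUTHZ"
        self.audit_log.append((user, resource, decision))  # record allowed and denied requests
        return decision

SCENARIOS = [  # (user, password, resource, expected decision)
    ("alice", "s3cret-A", "/admin", "ALLOW"),         # granted by role
    ("alice", "s3cret-A", "/payroll", "ALLOW"),       # granted by group
    ("bob", "s3cret-B", "/reports/q1", "ALLOW"),      # granted by access list
    ("bob", "s3cret-B", "/admin", "DENY_AUTHZ"),      # valid user, no permission
    ("bob", "wrong", "/dashboard", "DENY_AUTHN"),     # bad password
    ("carol", "anything", "/admin", "DENY_AUTHN"),    # unknown user
    ("alice", "s3cret-A", "/unknown", "DENY_AUTHZ"),  # deny by default
]

def run_security_scenarios():
    gw = Gateway()
    failures = [s for s in SCENARIOS if gw.request(*s[:3]) != s[3]]
    return failures, gw.audit_log
```

An empty `failures` list means every scenario produced the expected decision; the returned audit log shows who requested what and which requests were denied.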

Testing Methodologies


1. Black Box - All the information is provided to the tester.
2. White Box - The information is not provided to the tester. Testing is done with real-world scenarios.
3. Gray Box - A hybrid of black box and white box.

Sample Test Scenarios for Security Testing


Thanks and Regards,
Dananji.
