Specification-Based Testing of Firewalls

Jürjens, Jan; Wimmel, Guido

doi:10.1007/3-540-45575-2_31

Cited by 36 publications

(30 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Jür-jens and Wimmel investigated the automated generation of test sequences from models in Focus. 1 They have applied their approach to both model-based testing of firewalls [36] and reactive systems [37]. Jürjens further extended UML by UMLsec, an extension to UML for secure systems development [38], which he applied in model-based testing of the Common Electronic Purse Specification (CEPS) [39].…”

Section: Model-based Security Testingmentioning

confidence: 99%

Knowledge-based security testing of web applications by logic programming

Zech

Felderer

Breu

2017

Int J Softw Tools Technol Transfer

View full text Add to dashboard Cite

This article introduces a new method for knowledge-based security testing by logic programming and the related tool implementation for model-based nonfunctional security testing of web applications. Our method helps to overcome the current prevalent focus on functional instead of non-functional (or negative) requirements as well as the required high level of security knowledge when performing non-functional security testing. It addresses issues like considering non-functional requirements for testing, managing the virtually infinite amount of negative security test cases, advancing non-functional security testing away from its prevalent penetration testing-like style, and making non-functional security testing feasible for testers that are not experts in security via a security knowledge base. The method and its model-based tool implementation are evaluated in two studies, which show the method's effectiveness in detecting vulnerabilities in web applications and thus, also its value in making software system more secure.

show abstract

Section: Model-based Security Testingmentioning

confidence: 99%

Knowledge-based security testing of web applications by logic programming

Zech

Felderer

Breu

2017

Int J Softw Tools Technol Transfer

View full text Add to dashboard Cite

show abstract

“…[1]), there is until today little work on model-based security testing (MBST). Relevant publications in the field of MBST are [3,10,11,16,21,23,12,19].…”

Section: Related Workmentioning

confidence: 99%

“…Jurjens and Wimmel [11,23] address the problem of generating test sequences from abstract system specifications in order to detect possible vulnerabilities in security-critical systems. Both papers assume that the system specification, from which tests are generated, is formally defined in the language Focus -a mathematical framework for the specification, refinement, and verification of distributed, reactive systems.…”

Section: Related Workmentioning

confidence: 99%

“…Both papers assume that the system specification, from which tests are generated, is formally defined in the language Focus -a mathematical framework for the specification, refinement, and verification of distributed, reactive systems. The paper [11] focuses on testing of firewalls whereas [23] focuses on transaction systems. In [10], Jurjens extends [8] by considering system specification written in the language UMLsec -a security profile for the Unified Modelling Language.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Model-Based Security Testing

Schieferdecker

Grossmann

Schneider

2012

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation.Model-based security testing (MBST) is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk-and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.

show abstract

“…There is previous work on firewall testing [Hoffman et al 2003;Jürjens and Wimmel 2001;Hoffman and Yoo 2005;Senn et al 2005;Lyu and Lau 2000]. These testing techniques involve injecting packets into a firewall and checking whether the decisions of the firewall concerning the injected packets are correct.…”

Section: Related Workmentioning

confidence: 99%

Firewall policy change-impact analysis

Liu

2008

ACM Trans. Internet Technol.

View full text Add to dashboard Cite

Firewalls are the cornerstones of the security infrastructure for most enterprises. They have been widely deployed for protecting private networks. The quality of the protection provided by a firewall directly depends on the quality of its policy (i.e., configuration). Due to the lack of tools for analyzing firewall policies, many firewalls used today have policy errors. A firewall policy error either creates security holes that will allow malicious traffic to sneak into a private network or blocks legitimate traffic and disrupts normal business processes, which in turn could lead to irreparable, if not tragic, consequences. A major cause of policy errors are policy changes. Firewall policies often need to be changed as networks evolve and new threats emerge. Users behind a firewall often request the firewall administrator to modify rules to allow or protect the operation of some services.In this article, we first present the theory and algorithms for firewall policy change-impact analysis. Our algorithms take as input a firewall policy and a proposed change, then output the accurate impact of the change. Thus, a firewall administrator can verify a proposed change before committing it. We implemented our firewall change-impact analysis algorithms, and tested them on both real-life and synthetic firewall policies. The experimental results show that our algorithms are effective in terms of ensuring firewall policy correctness and efficient in terms of computing the impact of policy changes. Thus, our tool can be practically used in the iterative process of firewall policy design and maintenance. Although the focus of this article is on firewalls, the change-impact analysis algorithms proposed in this article are not limited to firewalls. Rather, they can be applied to other rule-based systems, such as router access control lists (ACLs), as well.

show abstract

Specification-Based Testing of Firewalls

Cited by 36 publications

References 9 publications

Knowledge-based security testing of web applications by logic programming

Knowledge-based security testing of web applications by logic programming

Model-Based Security Testing

Firewall policy change-impact analysis

Contact Info

Product

Resources

About