摘要
Web应用软件的使用日益广泛,为了保证软件的安全性,Web安全测试必不可少,而设计全面、有效的安全测试用例则是关键。该文对Web安全漏洞进行了分类,研究了Web安全测试内容,阐述了安全测试用例设计原则。
Web application software is used more and more widely. In order to guarantee the safety of the software, it is necessary to execute Web security test and the key is to design comprehensive and effective security test cases. In this paper, web security vulnerabilities are classified and web security test content is studied. Finally, the principle of case design for security test is expounded.
引文
[1]方建超,徐全军.网络安全漏洞检测技术分析[J].计算机安全,2005(10):32-33.
[2]施寅生,邓世伟,谷天阳.服务安全性测试技术研究[J].计算机工程与科学,2007,29(10):11-13.
[3]刘焕洲,缪淮扣.Web应用程序建模和测试用例生成方法[J].计算机工程,2008,34(6):60-62.
[4]The Open Web Application Security Project[EB/OL].http://www.owasp.org/index.php/Main_Page.
[5]范红,冯登国,吴亚非.信息安全风险评估方法与应用[M].北京:清华大学出版社,2006.