Model-Checking Driven Security Testing of Web-Based Applications

Model checking and security testing are two verification techniques available to help find flaws in security-sensitive, distributed applications. In this paper, we present an approach to security testing of web-based applications in which test cases are automatically derived from counterexamples found through model checking. We illustrate our approach by discussing its application against the SAML-based Single Sign-On for Google Apps.
