Web Applications Security Testing Evaluation
- Authors
- Dasso, Aristides; Funes, Ana
- Year of publication
- 2020
- Language
- English
- Resource type
- conference paper
- Status
- published version
- Description
- An important part of a good security software development program is the ability to determine how things are going. Therefore, it is important to track the results of testing and also apply metrics to this aim. A model to help in evaluating security testing in web applications is presented in this work. This model is based on the OWASP Web Security Testing Guide (WSTG) and the Logic Score of Preference (LSP) method. Using the LSP method we are able to construct a model that can be of help in assessing compliance with respect to the tenets of the Check List of the WSTG, during and after testing in an application development project. Since LSP is a multicriteria and multiattribute decision method that allows the creation of models that can give different relevance to the various features under evaluation, in this case –items in the WSTG Check List– it can help in deciding which item or items should be given more importance according to the needs of the project considered.
Sociedad Argentina de Informática e Investigación Operativa
- Subject
- Computer Science
- Multicriteria decision methods
- LSP method
- Software security
- Access level
- open access
- Terms of use
- http://creativecommons.org/licenses/by-nc-sa/3.0/
- Repository
- Institution
- Universidad Nacional de La Plata
- OAI identifier
- oai:sedici.unlp.edu.ar:10915/116735
| id | SEDICI_b0a2e8e1df55c55aa325d8ecfe5c62b6 |
|---|---|
| oai_identifier_str | oai:sedici.unlp.edu.ar:10915/116735 |
| network_acronym_str | SEDICI |
| repository_id_str | 1329 |
| network_name_str | SEDICI (UNLP) |
| dc.title.none.fl_str_mv | Web Applications Security Testing Evaluation |
| dc.creator.none.fl_str_mv | Dasso, Aristides Funes, Ana |
| author | Dasso, Aristides |
| author_facet | Dasso, Aristides Funes, Ana |
| author_role | author |
| author2 | Funes, Ana |
| author2_role | author |
| dc.subject.none.fl_str_mv | Ciencias Informáticas Multicriteria decision methods LSP method Ssoftware security |
| topic | Ciencias Informáticas Multicriteria decision methods LSP method Ssoftware security |
| publishDate | 2020 |
| dc.date.none.fl_str_mv | 2020-10 |
| dc.type.none.fl_str_mv | info:eu-repo/semantics/conferenceObject info:eu-repo/semantics/publishedVersion Objeto de conferencia http://purl.org/coar/resource_type/c_5794 info:ar-repo/semantics/documentoDeConferencia |
| format | conferenceObject |
| status_str | publishedVersion |
| dc.identifier.none.fl_str_mv | http://sedici.unlp.edu.ar/handle/10915/116735 |
| url | http://sedici.unlp.edu.ar/handle/10915/116735 |
| dc.language.none.fl_str_mv | eng |
| language | eng |
| dc.relation.none.fl_str_mv | info:eu-repo/semantics/altIdentifier/url/http://49jaiio.sadio.org.ar/pdfs/siiio/SIIIO-09.pdf info:eu-repo/semantics/altIdentifier/issn/2618-3277 |
| dc.rights.none.fl_str_mv | info:eu-repo/semantics/openAccess http://creativecommons.org/licenses/by-nc-sa/3.0/ Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0) |
| eu_rights_str_mv | openAccess |
| rights_invalid_str_mv | http://creativecommons.org/licenses/by-nc-sa/3.0/ Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0) |
| dc.format.none.fl_str_mv | application/pdf 102-114 |
| dc.source.none.fl_str_mv | reponame:SEDICI (UNLP) instname:Universidad Nacional de La Plata instacron:UNLP |
| reponame_str | SEDICI (UNLP) |
| collection | SEDICI (UNLP) |
| instname_str | Universidad Nacional de La Plata |
| instacron_str | UNLP |
| institution | UNLP |
| repository.name.fl_str_mv | SEDICI (UNLP) - Universidad Nacional de La Plata |
| repository.mail.fl_str_mv | alira@sedici.unlp.edu.ar |
| _version_ | 1842260489462087680 |
| score | 13.13397 |