Implementing a Platform for Security Testing of Software Applications
2014 (English). Independent thesis, Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits. Student thesis.
Abstract [en]

It is a matter of time until newly developed software becomes a target for malicious users. They will always try to find a security breach to exploit, for commercial purposes or for fame. Application Security Testing (AST) plays a critical role in ensuring that the delivered software is secure. Therefore, AST must be part of the software development chain of any software company, regardless of the size of the organization. For a software company, any discovered security flaw may impact its business through lost money or lost user confidence. Including software security testing in quality assurance is therefore natural and common sense. When it comes to Small and Medium Enterprises (SMEs), the lack of resources may push aside the security aspect of the developed software.

The purpose of this master thesis is to provide knowledge on the implementation of an AST platform in an SME context. The focus of the platform is on three specific vulnerabilities from the OWASP Top 10 Vulnerabilities.

The research methodology used in this work is Action Design Research (ADR). ADR was seen as the perfect method to shape the artifact (the AST platform) using the identified Design Principles and to produce practical and theoretical implications for future research. The successful implementation of the AST platform was accompanied by a set of new design principles, a list of steps for future implementations and a couple of security policies and guidelines.

Place, publisher, year, edition, pages
2014. 62 p.
Keyword [en]
Social Behaviour Law, Small and Medium Enterprises, Quality Assurance
Keyword [sv]
Samhälls-, beteendevetenskap, juridik
Identifiers
URN: urn:nbn:se:ltu:diva-45574
Local ID: 341d3a20-4cf4-4f57-9e27-94b161187951
OAI: oai:DiVA.org:ltu-45574
DiVA: diva2:1018868
Educational program
Computer Science and Engineering, master's level (120 credits)
Examiners
Note

Validated; 20140821 (global_studentproject_submitter)

Available from: 2017-05-17. Created: 2016-10-04. Last updated: 2017-05-18. Bibliographically approved.

Open Access in DiVA

The full text will be freely available from 2019-09-01 00:00
