 The Theory and Implementation of InputValidator: A Semi-Automated Value-Level Bypass Testing ToolJ. Miller,
L. Zhang,
E. Ofuonye and
M. Smith
International Journal of Information Technology and Web Engineering (IJITWE), 2008, vol. 3, issue 3, 28-45 Abstract: The construction and testing of Web-based systems has become more complex and challenging because of continual innovations in technology. Security is a major concern, particularly for the deployment of mission critical applications. One of the principal vulnerabilities in Webbased systems revolves around insufficient and inappropriate input validation, a deficiency that can be exploited by attacks that bypass client-side checking. This article describes a partially automated mechanism, the tool InputValidator, which seeks to address this issue by sending test data directly to the server to test the robustness and security of the back-end software. The tool allows a user to construct, execute, and evaluate a number of test cases through a formfilling exercise instead of writing bespoke test code. Date: 2008 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:igg:jitwe0:v:3:y:2008:i:3:p:28-45 Access Statistics for this article International Journal of Information Technology and Web Engineering (IJITWE) is currently edited by Ghazi I. Alkhatib More articles in International Journal of Information Technology and Web Engineering (IJITWE) from IGI Global |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.