Multi-party business applications are distributed computer programs implementing collaborative business functions. These applications are one of the main target of attackers who exploit vulnerabilities in order to perform malicious activities. The most prevalent classes of vulnerabilities are the consequence of insufficient validation of the user-provided input. However, the less-known class of logic vulnerabilities recently attracted the attention of researcher. According to the availability of software documentation, two testing techniques can be used: design verification via model checking, and black-box security testing. However, the former offers no support to test real implementations and the latter lacks the sophistication to detect ...
This thesis focuses on the issue of security testing of web-applications, considering the internal p...
Recently efficient model-checking tools have been developed to find flaws in security protocols spec...
This thesis proposes an original approach, dubbed PMVT for Pattern-driven and Model-basedVulnerabili...
Multi-party business applications are distributed computer programs implementing collaborative busin...
Les logiciels multi-partis sont des applications distribuées sur le web qui mettent en oeuvre des fo...
Abstract—Web applications play a very important role in many critical areas, including online bankin...
The advent of Software-as-a-Service (SaaS) has led to the development of multi-party web application...
International audienceRecently efficient model-checking tools have been developed to find flaws in s...
Testing is a viable approach for detecting implementation bugswhich have a security impact, a.k.a. v...
Testing is a viable approach for detecting implementation bugs which have a security impact, a.k.a. ...
Web applications are the most common way to make ser-vices and data available on the Internet. Unfor...
Millions of computer users worldwide use the Internet every day for consuming web-based services (e....
International audienceIn recent years, important efforts have been made for offering a dedicated lan...
Model checkers have been remarkably successful in finding flaws in security protocols. In this paper...
Abstract—Model checking and security testing are two ver-ification techniques available to help find...
This thesis focuses on the issue of security testing of web-applications, considering the internal p...
Recently efficient model-checking tools have been developed to find flaws in security protocols spec...
This thesis proposes an original approach, dubbed PMVT for Pattern-driven and Model-basedVulnerabili...
Multi-party business applications are distributed computer programs implementing collaborative busin...
Les logiciels multi-partis sont des applications distribuées sur le web qui mettent en oeuvre des fo...
Abstract—Web applications play a very important role in many critical areas, including online bankin...
The advent of Software-as-a-Service (SaaS) has led to the development of multi-party web application...
International audienceRecently efficient model-checking tools have been developed to find flaws in s...
Testing is a viable approach for detecting implementation bugswhich have a security impact, a.k.a. v...
Testing is a viable approach for detecting implementation bugs which have a security impact, a.k.a. ...
Web applications are the most common way to make ser-vices and data available on the Internet. Unfor...
Millions of computer users worldwide use the Internet every day for consuming web-based services (e....
International audienceIn recent years, important efforts have been made for offering a dedicated lan...
Model checkers have been remarkably successful in finding flaws in security protocols. In this paper...
Abstract—Model checking and security testing are two ver-ification techniques available to help find...
This thesis focuses on the issue of security testing of web-applications, considering the internal p...
Recently efficient model-checking tools have been developed to find flaws in security protocols spec...
This thesis proposes an original approach, dubbed PMVT for Pattern-driven and Model-basedVulnerabili...