Show simple item record

dc.contributor.advisorRoos, Meelis
dc.contributor.advisorFreudenthal, Margus
dc.contributor.authorKlooster, Karin
dc.date.accessioned2017-04-26T07:14:51Z
dc.date.available2017-04-26T07:14:51Z
dc.date.issued2016
dc.identifier.urihttp://hdl.handle.net/10062/56215
dc.description.abstractTurvatestimine on tarkvara testimise haru, mille eesmärgiks on kontrollida, kas tarkvara on haavatav rünnete suhtes ning kas andmed, mida tarkvara töötleb, on kaitstud. Tarkvara turvalisuse standardeid töötatakse välja selleks, et tekitada ühine arusaam turvanõuetest, mida turvaline tarkvara peab täitma. Selles bakalaureusetöös kirjeldatakse ja rakendatakse tegevusi, mis on vajalikud veebirakenduse turvalisuse kindlakstegemiseks. Kombineerides OWASP ASVS veebirakenduste turvastandardit ja OWASP Top 10 riskide nimekirja, töötati välja turvanõuete nimekiri. Turvanõuete testimiseks töötati välja testjuhtumid ning testiti veebirakendust UXP Portal. Turvatestimise tulemusena tuvastati arvukalt turvaprobleeme. Juhtumiuuringu läbiviimise kogemuse põhjal vormistati õpitust lähtuvad soovitused.
dc.description.abstractSecurity testing is a software testing discipline that aims to verify that the functionality of the software is resistant to attacks and data processed by the software is protected. To establish common requirements that the software must fulfill, software security standards are published. This thesis aims to describe and apply a process necessary to verify the security of a web application. A checklist of security requirements was gathered combining OWASP ASVS web application security standard and OWASP Top Ten project. Test cases were developed and web application UXP Portal was tested to verify the security requirements in the checklist. Numerous security vulnerabilities were identified by security testing. The recommendations based on lessons learned during the case study were presented.
dc.language.isoeng
dc.titleTurvatestimise metoodika rakendamine: juhtumiuuring
dc.title.alternativeApplying a Security Testing Methodology: a Case Study
dc.typeThesis


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record