Talks and Poster Presentations (with Proceedings-Entry):
C. Schanes, F. Fankhauser, T. Grechenig, M. Schafferer, K. Behning, D. Hovemeyer:
"Problem space and special characteristics of security testing in live and operational environments of large systems exemplified by a nationwide IT infrastructure";
Talk: Advances in System Testing and Validation Lifecycle 2009,
- 09-25-2009; in: "Advances in System Testing and Validation Lifecycle",
The paper discusses foundations and requirements for testing security robustness aspects in operational environments while adhering to deﬁned protection values for data. It deﬁnes the problem space and special characteristics of security testing in large IT infrastructures. In this area there are different environments with varying characteristics, e.g., regarding conﬁdentiality of data. Common environments based on an existing IT project are deﬁned. Testing in dedicated
test environments is state of the art, however, sometimes this is not sufﬁcient and testing in operational environments is required. Case studies showed many restrictions in the security test process, e.g., limited access for testers, which have to be addressed. The problems of testing in these operational environments are pointed out. Experiences and some current solution approaches for testing these special environments are shown (e.g., usage of disaster/recovery mechanism).
Data security; Testing; Privacy; Communication system operations and management
Electronic version of the publication:
Created from the Publication Database of the Vienna University of Technology.