1st International ICST Workshop on Trusted Collaboration

Research Article

A Framework of Multiple-Aspect Component-Testing for Trusted Collaboration in Mission-Critical Systems

  • @INPROCEEDINGS{10.1109/COLCOM.2006.361878,
        author={Joon S. Park and Avinash T. Suresh and Gaeil An and Joseph Giordano},
        title={A Framework of Multiple-Aspect Component-Testing for Trusted Collaboration in Mission-Critical Systems},
        proceedings={1st International ICST Workshop on Trusted Collaboration},
        publisher={IEEE},
        proceedings_a={TRUSTCOL},
        year={2007},
        month={5},
        keywords={multiple-aspect  test component survivability component formatting attack testing mechanism},
        doi={10.1109/COLCOM.2006.361878}
    }
    
  • Joon S. Park
    Avinash T. Suresh
    Gaeil An
    Joseph Giordano
    Year: 2007
    A Framework of Multiple-Aspect Component-Testing for Trusted Collaboration in Mission-Critical Systems
    TRUSTCOL
    IEEE
    DOI: 10.1109/COLCOM.2006.361878
Joon S. Park1,*, Avinash T. Suresh1,*, Gaeil An1,*, Joseph Giordano2,*
  • 1: The Laboratory for Applied Information Security Technology (LAIST), School of Information Studies, Syracuse University, Syracuse, New York, USA
  • 2: Information Directorate, Air Force Research Laboratory (AFRL), New York, USA
*Contact email: jspark@syr.edu, atsuresh@syr.edu, gan@syr.edu, Joseph.Giordano@rl.af.mill

Abstract

Although we need software-component sharing in a large distributed system, we cannot simply trust those components provided by participating organizations, especially when malicious groups or competitors are involved in the collaboration. When a wide range of malicious activity needs to be tested, a large overhead is incurred in scanning for malicious code and checking internal failures. Large projects also have multi-functional teams working and any lack of communication or overlooks in design can lead to unchecked security holes when the system is integrated. Moreover, it is not always easy to test the whole system for security and accuracy in preventing attacks because one can never develop a test plan for that which one is unaware of, such as a specialized attack by a hacker that compromises a system. Therefore, in this paper we develop a dynamic approach for testing software components in using multiple aspects of testing with high accuracy. We also present new techniques that provide for an automated system architecture that provides for a scalable and flexible distributed testing mechanism capable of handling newer threats at very short notice. We have considered the use of Microsoft's .Net and C# as the platform to describe and prototype the testing mechanisms.