A Formal Approach to Distributed System Security Test Generation
This addresses security testing challenges for distributed systems, but appears incremental as it builds on existing standards and practices.
The paper tackled the problem of security testing for distributed systems by introducing a formal approach to automate the design and generation of security checklists, based on a list of typical threats and a six-layered model.
Deployment of distributed systems sets high requirements for procedures for the security testing of these systems. This work introduces: (1) a list of typical threats based on standards and actual practices; (2) an extended six-layered model for test generation mission on the basis of technical specifications and end-user requirements. Based on the list of typical threats and the multilayer model, we describe a formal approach to the automated design and generation of security mechanisms checklists for complex distributed systems.