Security Testing

Security Testing

Security Testing: (The) Process to determine that an IS (Information System) protects data and maintains functionality as intended.

The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorisation, availability and non-repudiation.

Software Testing Portal


  • 1 Confidentiality
  • 2 Integrity
  • 3 Authentication
  • 4 Authorization
  • 5 Availability
  • 6 Non-repudiation
  • 7 See also


  • A security measure which protects against the disclosure of information to parties other than the intended recipient that is by no means the only way of ensuring confidentiality.


  • A measure intended to allow the receiver to determine that the information which it receives has not been altered in transit or by other than the originator of the information.
  • Integrity schemes often use some of the same underlying technologies as confidentiality schemes, but they usually involve adding additional information to a communication to form the basis of an algorithmic check rather than the encoding all of the communication.


  • A measure designed to establish the validity of a transmission, message, or originator.
  • Allows a receiver to have confidence that information it receives originated from a specific known source.


  • The process of determining that a requester is allowed to receive a service or perform an operation.
  • Access control is an example of authorization.


  • Assuring information and communications services will be ready for use when expected.
  • Information must be kept available to authorized persons when they need it.

Also authority to operate


  • A measure intended to prevent the later denial that an action happened, or a communication that took place etc.
  • In communication terms this often involves the interchange of authentication information combined with some form of provable time stamp

No comments: