Towards test automation for certification tests in the banking domain
dc.contributor.author | Elakas, A. | |
dc.contributor.author | Tarlan, Ozan | |
dc.contributor.author | Safak, I. | |
dc.contributor.author | Çakmakçı, Kübra Kalkan | |
dc.contributor.author | Sözer, Hasan | |
dc.date.accessioned | 2024-02-16T07:39:34Z | |
dc.date.available | 2024-02-16T07:39:34Z | |
dc.date.issued | 2023 | |
dc.identifier.uri | http://hdl.handle.net/10679/9155 | |
dc.identifier.uri | https://ieeexplore.ieee.org/document/10286638 | |
dc.description.abstract | Software systems in the banking domain are business-critical applications that provide financial services. These systems are subject to rigorous certification tests, which are performed manually, and take weeks to complete. In this paper, we suggest that automation of the certificate tests are possible and it will save a considerable amount of time. A certification testing operation which can take a few weeks can be reduced to a few seconds. Firstly, we review the existing test activities to identify the ones that can be automated and introduce a prototype tool for automating some of the tests used for certification. We focus on rules that are verified by analyzing the banking infrastructure. Our tool takes the network topology of the banking infrastructure as input and verifies a subset of these rules. The tool can be extended with additional rules in order to reduce the effort for certification tests. In addition to this tool, we introduce softwaredefined network-based tests to automatically verify compliance with the rules by checking the firewall constraints and host connections. In particular, we focus on a security certification standard named Payment Card Industry Data Security Standard. This certification aims to reduce the risk of data breaches in cardholder data by ensuring industry standard practices for payment card transactions. Our tool offers effort reduction in auditing through automation. It supports continuous auditing and network security enhancement processes. | en_US |
dc.description.sponsorship | TÜBİTAK | |
dc.language.iso | eng | en_US |
dc.publisher | IEEE | en_US |
dc.relation | info:turkey/grantAgreement/TUBITAK/119C111 | |
dc.relation.ispartof | 2023 8th International Conference on Computer Science and Engineering (UBMK) | |
dc.rights | restrictedAccess | |
dc.title | Towards test automation for certification tests in the banking domain | en_US |
dc.type | Conference paper | en_US |
dc.publicationstatus | Published | en_US |
dc.contributor.department | Özyeğin University | |
dc.contributor.authorID | (ORCID 0000-0003-1918-8587 & YÖK ID 165356) Kalkan, Kübra | |
dc.contributor.authorID | (ORCID 0000-0002-2968-4763 & YÖK ID 23178) Sözer, Hasan | |
dc.contributor.ozuauthor | Çakmakçı, Kübra Kalkan | |
dc.contributor.ozuauthor | Sözer, Hasan | |
dc.identifier.startpage | 364 | en_US |
dc.identifier.endpage | 369 | en_US |
dc.identifier.doi | 10.1109/UBMK59864.2023.10286638 | en_US |
dc.subject.keywords | Banking domain | en_US |
dc.subject.keywords | Certification tests | en_US |
dc.subject.keywords | Industrial case study | en_US |
dc.subject.keywords | Network topology | en_US |
dc.subject.keywords | Software-defined network | en_US |
dc.subject.keywords | Test automation | en_US |
dc.identifier.scopus | SCOPUS:2-s2.0-85177605078 | |
dc.contributor.ozugradstudent | Tarlan, Ozan | |
dc.relation.publicationcategory | Article - International Refereed Journal - Institutional Academic Staff and PhD Student |
Files in this item
Files | Size | Format | View |
---|---|---|---|
There are no files associated with this item. |
This item appears in the following Collection(s)
Share this page