SECURITY TESTING APPARATUS AND METHOD OF REMOTE REMOTE PROCEDURE CALL SOFTWARE

摘要

A device and a method for testing security of RPC(Remote Procedure Call)-based software in a remote place are provided to perform a remote security test for the RPC-based software efficiently, and standardize and automatically process a series of procedures causing exceptional errors in target software. A testing target selecting module(110) determines a target service/function. An RPC interface module(120) interfaces communication with the selected service/function. A function calling/analyzing module(130) subdivides entire packet by filtering/dividing the received service/function into a part calling a service function and a network communication part setting connection needed for calling the function, and analyzing procedure/setting of a protocol set and individual protocols needed for setting the connection with a server. A communication protocol implementing module(140) modularizes and implements a network communication protocol part for transferring an RPC function call. A security testing module(150) tests security of parameter transferred when the function is called. A result analyzing module(160) analyzes a security test result by testing the security of the RPC-based software of a remote computer and collecting the packets. A testing module(170) transfers massages to a service providing function as many as possible to check over whether a service for specific input is stably operated.