摘要 |
PURPOSE: A method and a system for testing/evaluating a security solution are provided to make business engineering for software development and maintenance efficient by testing or evaluating the security solution, and to enhance a chance of success by performing the related managements through project management. CONSTITUTION: An object/environmental variable input part(A01) automatically tests/evaluates the security solution. A security solution design analysis engine(A02) analyzes a design of the security solution and extracts the information for testing/evaluating the security solution. A virtual user operation engine(A03) operates/analyzes a virtual user of the security solution. A test/evaluation standard matrix database(A06) manages a standard for the security solution. A test/evaluation model-base(A08) manages a test/evaluation model used for testing/evaluating the security solution. A test/evaluation knowledge-base(A09) manages a rule, a procedure, and knowledge needed to test/evaluate the security solution. A test/evaluation engine(A10) tests/evaluates the security solution by the standard, the predicting model, and the extracted information.
|