Software Testing, Data Security and GDPR
Master thesis
Permanent lenke
https://hdl.handle.net/11250/2644673Utgivelsesdato
2019Metadata
Vis full innførselSamlinger
Sammendrag
Software and data security are an important part of a modern-day business strategy of any
organization as it forms the basis for guaranteed security of information, data, and assets
of any organization. This project is principally focused on performing security test on the
Edemso software to find vulnerabilities, based on the security test results determine the
security level of the Edemso software and propose improvements regarding the general
security of the Edemso software.
In this project, extensive and detailed analyses of common security threats, various software
security testing tools, security testing method, and GDPR were performed. Based on the
analysis a preferred security testing method was determined and the Edemso software was
properly examined and tested and the findings meticulously documented and analyzed.
After proper and extensive examination of the Edemso software, about 36 vulnerabilities or
loopholes were discovered, 75% of which are low risk, 25% are critical risk level
vulnerabilities and there was zero severe high-risk level vulnerability. Attempts to exploits
the discovered vulnerabilities were unsuccessful and proposed solutions to eliminating these
critical vulnerabilities found in the project are; an update of the OpenSHH on port 22tcp
and reconfigurations in the internet information service manager of the Edemso software.
Based on the project results the security level of the Edemso software was determined to be
in good shape and if documented recommendations for improvements are implemented
there will be a significant improvement of the security level of the Edemso software