摘要
为了评估现有Web应用程序扫描器功能的完整性和优缺点,研究Web应用扫描器的整体框架,对框架的重要组成部分提出了其评估指标。针对国内缺乏统一Web应用程序扫描器评估标准,研究了国外Web应用程序扫描器厂商联合提出的Web应用程序扫描器评估标准,指出了该标准的优势和劣势。使用提出的评估指标对选取的三款商业Web应用程序扫描器进行评估,评估结果能够在功能上有效区分这三款Web应用程序扫描器,证明了提出的评估指标能够较好评估Web应用程序扫描器的功能性。
In order to assess integrity and advantages and disadvantages of Web application scanners function, study the Web application scanner overall framework,put forward the evaluation indicators for the important parts of the framework. Aiming to the domestic lack of unified Web application scanner evaluation criteria, Web application scanner assessment standards are researched proposed by the foreign Web application scanner manufacturers combination, pointing out the advantages and disadvantages of this standard. Using the proposed e valuation indicators to evaluate the selected three paragraphs commercial Web application scanner, the evaluation results can effectively distinguish between the three paragraphs Web application scanner on the function, proved that the proposed evaluation indicators can bet ter evaluate Web application scanner function.
出处
《计算机技术与发展》
2013年第3期139-142,146,共5页
Computer Technology and Development
基金
国防973项目(6131180401)
关键词
网络应用程序扫描器
评估标准
评估指标
Web application program scanner
evaluation criteria
assessment indicators
