Process Security Testing
1.0 Testing for mandatory password reset for first time login.
Step ID | Description | Precondition | Expected Results | Actual Results | Pass or Fail | Notes |
---|---|---|---|---|---|---|
1 | Connect to the OSCAR main page | 1. OSCAR Software Test Version 15, system and DB up and running. 2. OSCAR user is setup and have the correct credentials to login | Oscar Opens | |||
2 | Login | Oscar welcome page prompts user to Enter credentials (User Name/ Password)
| 1. By entering right credentials user is getting system verification acceptance. 2.Once logged in, user is required to reset password
| |||
3 | Check for unused accounts | OSCAR System in production | 1. Verified that no unused accounts are in the system and all accounts have their properly assigned roles. 2. Very limited users has Admin rights. |
1.1 Testing for remote login restrictions
Step ID | Description | Precondition | Expected Results | Actual Results | Pass or Fail | Notes |
---|---|---|---|---|---|---|
1 | Connect to the OSCAR main page | 1. OSCAR Software Test Version 15, system and DB up and running. 2. OSCAR user is registered and have the correct credentials to login | Oscar Opens | |||
2 | Login | 1.Oscar welcome page prompts user to Enter credentials (User Name/ Password/Second level password) 2.User remotely logs in with only inputs username and password.
| 1.Unsuccessful login. Remote login require second level authentication. 2.System audits and logs all logins, successful and failed accessing the Clinical Management System Serve |
1.2 Testing for encryption of back up files
Step ID | Description | Precondition | Expected Results | Actual Results | Pass or Fail | Notes |
---|---|---|---|---|---|---|
1 | Encrypt back up files. | All files are set up and backed up. | All back up files are encrypted | |||
2 | Secure connection for back up files | Encrypted files should be copied using a secure connection | 1.Secure Shell (SSH) is being used.
2.Data is to be stored in a secure location on server. | |||
3 | Copy encrypted files | Encrypted files require a secure location | 1.Copy encrypted files to an external media device. 2.Verify external media device should also be encrypted. 3.Store copies in two different locations. |