Istituto di Scienza e Tecnologie dell'Informazione     
Bertolino A., Le Traon Y., Lonetti F., Marchetti E., Mouelhi T. Validation of access control systems. Maritta Heisel, Wouter Joosen, Javier Lopez, Fabio Martinelli (eds.). (Lecture Notes in Computer Science, vol. 8431). Chennai, India: Springer, 2014.
Access Control is among the most important security mechanisms to put in place in order to secure applications, and XACML is the de facto standard for defining access control policies. Due to the complexity of XACML language it is important to perform efficient testing to identify potential security flaws and bugs. However, in practice, exhaustive testing is impossible due to budget constraints. Test cases selection and prioritization are two well-known solutions to maximize the effectiveness of the test suite in terms of discovered faults, reducing as much as possible the required effort for tests execution and results analysis. In this chapter, after providing a survey on validation approaches for XACML based access control systems, we present a coverage based selection strategy and a similarity based test prioritization solution, both applied to XACML test cases. Then we compare the effectiveness of the two approaches in terms of mutation score and number of test cases. Experimental results show that coverage based selection outperforms similarity based prioritization, hinting to future improvements of the proposed approaches.
URL: http://link.springer.com/chapter/10.1007%2F978-3-319-07452-8_9
DOI: 10.1007/978-3-319-07452-8_9
Subject Access control
D.4.6 Security and Protection. Access controls

Icona documento 1) Download Document PDF

Icona documento Open access Icona documento Restricted Icona documento Private


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional