Istituto di Scienza e Tecnologie dell'Informazione     
Bertolino A., Busch M., Daoudagh S., Lonetti F., Marchetti E. A toolchain for designing and testing access control policies. Maritta Heisel, Wouter Joosen, Javier Lopez, Fabio Martinelli (eds.). (Lecture Notes in Computer Science, vol. 8431). Heidelberg: Springer, 2014.
Security is an important aspect of modern information management systems. The crucial role of security in this systems demands the use of tools and applications that are thoroughly validated and verified. However, the testing phase is an effort consuming activity that requires reliable supporting tools for speeding up this costly stage. Access control systems, based on the integration of new and existing tools are available in the Service Development Environment (SDE). We introduce an Access Control Testing toolchain (ACT) for designing and testing access control policies that includes the following features: (i) the graphical specification of an access control model and its translation into an XACML policy; (ii) the derivation of test cases and their execution against the XACML policy; (iii) the assessment of compliance between the XACML policy execution and the access control model. In addition, we illustrate the use of the ACT toolchain on a case study.
URL: http://link.springer.com/chapter/10.1007%2F978-3-319-07452-8_11#close
DOI: 10.1007/978-3-319-07452-8_11
Subject Security
Authorization systems
Access control policies
D.4.6 Security and Protection. Access controls

Icona documento 1) Download Document PDF

Icona documento Open access Icona documento Restricted Icona documento Private


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional