Istituto di Scienza e Tecnologie dell'Informazione     
Daoudagh S., El Kateb D., Lonetti F., Marchetti E., Mouelhi T. A toolchain for model-based design and testing of access control systems. In: MODELSWARD 2015 - 3rd International Conference on Model-Driven Engineering and Software Development (Angers, France, 9-11 February 2015). Proceedings, pp. 411 - 418. SCITEPRESS, 2015.
In access control systems, aimed at regulating the accesses to protected data and resources, a critical component is the Policy Decision Point (PDP), which grants or denies the access according to the defined policies. Due to the complexity of the standard language, it is recommended to rely on model-driven approaches which allow to overcome difficulties in the XACML policy definition. We provide in this paper a toolchain that involves a model-driven approach to specify and generate XACML policies and also enables automated testing of the PDP component. We use XACML-based testing strategies for generating appropriate test cases which are able to validate the functional aspects, constraints, permissions and prohibitions of the PDP. An experimental assessment of the toolchain and its use on a realistic case study are also presented.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7323124
Subject XACML Language
Access Control Systems
D.4.6 Security and Protection. Access controls
D.2.5 SOFTWARE ENGINEERING. Testing and Debugging

Icona documento 1) Download Document PDF

Icona documento Open access Icona documento Restricted Icona documento Private


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional