• DocumentCode
    3283105
  • Title

    Test Generation from Security Policies Specified in Or-BAC

  • Author

    Li, Keqin ; Mounier, Laurent ; Groz, Roland

  • Author_Institution
    Grenoble Univ., Grenoble
  • Volume
    2
  • fYear
    2007
  • fDate
    24-27 July 2007
  • Firstpage
    255
  • Lastpage
    260
  • Abstract
    Security policy testing is a practical way to ensure security policies are correctly implemented in information or networking systems with a certain level of confidence. In this paper, we adapt model based testing techniques for formal models of security policies, and propose a two stage approach to produce test cases from a security policy specified in Or-BAC, i.e., test purpose generation from Or-BAC rules, and test case generation from test purposes.
  • Keywords
    authorisation; program testing; formal model; organization-based access control; security policy testing; Computer applications; Computer science; Computer security; Concurrent computing; Information security; Performance evaluation; Real time systems; Specification languages; System testing; Unified modeling language;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Software and Applications Conference, 2007. COMPSAC 2007. 31st Annual International
  • Conference_Location
    Beijing
  • ISSN
    0730-3157
  • Print_ISBN
    0-7695-2870-8
  • Type

    conf

  • DOI
    10.1109/COMPSAC.2007.210
  • Filename
    4291133
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3283105