Title :
A Formal Approach for Interoperability Testing of Security Rules
Author :
El Maarabani, M. ; Hwang, Iksoon ; Cavalli, Ana
Author_Institution :
Software-Networks Dept., TELECOM & Manage. SudParis, Evry, France
Abstract :
The interaction between business communities becomes a crucial requirement due to the need of exchanging and sharing resources and services. In general, each system defines its own security policy to manage access control to its resources. In this case, we may have security interoperability problems due to the variety and complexity of secured systems implementations. In this paper, we provide a formal approach for interoperability testing of security rules. First we propose a method to integrate interoperability security rules in a functional model represented by an extended finite automata. Then, test cases are generated from the obtained secured functional model by using an automatic test generation tool, Test Gen-IF. As an application, we provide a case study of security interoperability between two hospitals that share some resources.
Keywords :
authorisation; finite automata; formal verification; open systems; program testing; TestGen-IF; access control; business communities; extended finite automata; formal approach; interoperability testing; security policy; security rules; Automata; Communities; Context; Information systems; Organizations; Security; Testing; O2O; interoperability testing; security policy; security rule integration; security validation;
Conference_Titel :
Signal-Image Technology and Internet-Based Systems (SITIS), 2010 Sixth International Conference on
Conference_Location :
Kuala Lumpur
Print_ISBN :
978-1-4244-9527-6
Electronic_ISBN :
978-0-7695-4319-2
DOI :
10.1109/SITIS.2010.53
