A Formal Approach for Interoperability Testing of Security Rules

Author

El Maarabani, M. ; Hwang, Iksoon ; Cavalli, Ana

Author_Institution

Software-Networks Dept., TELECOM & Manage. SudParis, Evry, France

fYear

2010

fDate

15-18 Dec. 2010

Firstpage

277

Lastpage

284

Abstract

The interaction between business communities becomes a crucial requirement due to the need of exchanging and sharing resources and services. In general, each system defines its own security policy to manage access control to its resources. In this case, we may have security interoperability problems due to the variety and complexity of secured systems implementations. In this paper, we provide a formal approach for interoperability testing of security rules. First we propose a method to integrate interoperability security rules in a functional model represented by an extended finite automata. Then, test cases are generated from the obtained secured functional model by using an automatic test generation tool, Test Gen-IF. As an application, we provide a case study of security interoperability between two hospitals that share some resources.

Keywords

authorisation; finite automata; formal verification; open systems; program testing; TestGen-IF; access control; business communities; extended finite automata; formal approach; interoperability testing; security policy; security rules; Automata; Communities; Context; Information systems; Organizations; Security; Testing; O2O; interoperability testing; security policy; security rule integration; security validation;

fLanguage

English

Publisher

ieee

Conference_Titel

Signal-Image Technology and Internet-Based Systems (SITIS), 2010 Sixth International Conference on

Conference_Location

Kuala Lumpur

Print_ISBN

978-1-4244-9527-6

Electronic_ISBN

978-0-7695-4319-2

Type

conf

DOI

10.1109/SITIS.2010.53

Filename

5714563