Title :
A Scenario Driven Approach for Security Policy Testing Based on Model Checking
Author :
Chen Yan ; Wu Dan
Author_Institution :
Scholl of Mechatronical Eng., Beijing Inst. of Technol., Beijing, China
Abstract :
Security policy system is critical to the security sensitive implementation systems. To increase confidence in the correctness of the security policies, policy developers can conduct policy testing to ensure security policies are correctly implemented in these systems. In this paper we present a novel framework for security policy testing. The framework takes the privilege scenario as the source of test cases for security policies. The privilege scenario generation algorithm is presented, on the base of which privilege scenarios can be automatically generated by dint of model checking. Then we describe the method for privilege scenarios transforming into test cases. At last test coverage criteria are given. The framework covers all elements for the scenario based testing and provides a comprehensive solution for the security policy testing.
Keywords :
formal verification; security of data; model checking; privilege scenario generation algorithm; security policy system; security policy testing; test coverage criteria; Application software; Automata; Automatic testing; Control systems; Logic testing; National security; Safety; Scalability; Software engineering; System testing;
Conference_Titel :
Information Engineering and Computer Science, 2009. ICIECS 2009. International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-4994-1
DOI :
10.1109/ICIECS.2009.5365628
