مرکز منطقه ای اطلاع رساني علوم و فناوري - Test Generation from Security Policies Specified in Or-BAC

DocumentCode :

3283105

Title :

Test Generation from Security Policies Specified in Or-BAC

Author :

Li, Keqin ; Mounier, Laurent ; Groz, Roland

Author_Institution :

Grenoble Univ., Grenoble

Volume :

fYear :

2007

fDate :

24-27 July 2007

Firstpage :

255

Lastpage :

260

Abstract :

Security policy testing is a practical way to ensure security policies are correctly implemented in information or networking systems with a certain level of confidence. In this paper, we adapt model based testing techniques for formal models of security policies, and propose a two stage approach to produce test cases from a security policy specified in Or-BAC, i.e., test purpose generation from Or-BAC rules, and test case generation from test purposes.

Keywords :

authorisation; program testing; formal model; organization-based access control; security policy testing; Computer applications; Computer science; Computer security; Concurrent computing; Information security; Performance evaluation; Real time systems; Specification languages; System testing; Unified modeling language;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Computer Software and Applications Conference, 2007. COMPSAC 2007. 31st Annual International

Conference_Location :

Beijing

ISSN :

0730-3157

Print_ISBN :

0-7695-2870-8

Type :

conf

DOI :

10.1109/COMPSAC.2007.210

Filename :

4291133

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3283105