• DocumentCode
    3532258
  • Title

    Testing Privacy Policies Using Models

  • Author

    Salas, Percy Pari ; Krishnan, Padmanabhan

  • Author_Institution
    Center for Software Assurance, Bond Univ., Gold Coast, QLD
  • fYear
    2008
  • fDate
    10-14 Nov. 2008
  • Firstpage
    117
  • Lastpage
    126
  • Abstract
    Privacy policies are usually expressed at a high level using languages such as P3P, EPAL, which are independent of applications. To check if a system satisfies a privacy policy requires to link it with the behaviour of the system and its environment. We propose a framework which is based on models to support the automation of testing if a software system meets a policy. In our framework, policies and system´s behaviour are expressed using formal models. These formal models are then combined and used to derive test cases. The main advantage of this approach is the automation of the testing process. We demonstrateits applicability via two examples..
  • Keywords
    authorisation; conformance testing; data privacy; formal specification; high level languages; program testing; program verification; access control policy; formal model; high level language; privacy policy testing; privacy requirement conformance testing; software development; software system testing automation; test case generation; Application software; Automatic testing; Automation; Information technology; Privacy; Reactive power; Software engineering; Software systems; Software testing; System testing; Model based testing; Privacy;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Engineering and Formal Methods, 2008. SEFM '08. Sixth IEEE International Conference on
  • Conference_Location
    Cape Town
  • Print_ISBN
    978-0-7695-3437-4
  • Type

    conf

  • DOI
    10.1109/SEFM.2008.7
  • Filename
    4685799
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3532258