Title :
Testing Privacy Policies Using Models
Author :
Salas, Percy Pari ; Krishnan, Padmanabhan
Author_Institution :
Center for Software Assurance, Bond Univ., Gold Coast, QLD
Abstract :
Privacy policies are usually expressed at a high level using languages such as P3P, EPAL, which are independent of applications. To check if a system satisfies a privacy policy requires to link it with the behaviour of the system and its environment. We propose a framework which is based on models to support the automation of testing if a software system meets a policy. In our framework, policies and system´s behaviour are expressed using formal models. These formal models are then combined and used to derive test cases. The main advantage of this approach is the automation of the testing process. We demonstrateits applicability via two examples..
Keywords :
authorisation; conformance testing; data privacy; formal specification; high level languages; program testing; program verification; access control policy; formal model; high level language; privacy policy testing; privacy requirement conformance testing; software development; software system testing automation; test case generation; Application software; Automatic testing; Automation; Information technology; Privacy; Reactive power; Software engineering; Software systems; Software testing; System testing; Model based testing; Privacy;
Conference_Titel :
Software Engineering and Formal Methods, 2008. SEFM '08. Sixth IEEE International Conference on
Conference_Location :
Cape Town
Print_ISBN :
978-0-7695-3437-4
DOI :
10.1109/SEFM.2008.7
