Title :
A Toolchain for Designing and Testing XACML Policies
Author :
Bertolino, Antonia ; Busch, M. ; Daoudagh, Said ; Koch, Nils ; Lonetti, Francesca ; Marchetti, Eda
Author_Institution :
Ist. di Sci. e Tecnol. dell'Inf. A. Faedo, Pisa, Italy
Abstract :
In modern pervasive application domains, such as Service Oriented Architectures (SOAs) and Peer-to-Peer (P2P) systems, security aspects are critical. Justified confidence in the security mechanisms that are implemented for assuring proper data access is a key point. In recent years, XACML has become the de facto standard for specifying policies for access control decisions in many application domains. Briefly, an XACML policy defines the constraints and conditions that a subject needs to comply with for accessing a resource and doing an action in a given environment. Due to the complexity of the language, XACML policy specification is a difficult and error-prone process that requires specific knowledge and a high effort to be properly managed.
Keywords :
XML; authorisation; computational complexity; constraint handling; formal specification; information retrieval; program testing; XACML policy design; XACML policy specification; XACML policy testing; constraint handling; data access control decision; de facto standard; error prone process; language complexity; pervasive application domain; resource access; security mechanism; Access control; Analytical models; Navigation; Proposals; Testing; Unified modeling language;
Conference_Title :
Software Testing, Verification and Validation (ICST), 2013 IEEE Sixth International Conference on
Conference_Location :
Luxembourg
Print_ISBN :
978-1-4673-5961-0
DOI :
10.1109/ICST.2013.70