Title :
Assessment of Access Control Systems Using Mutation Testing
Author :
Daoudagh, Said ; Lonetti, Francesca ; Marchetti, Eda
Author_Institution :
Ist. di Scienza e Tecnol. dell´Inf. “A. Faedo”, Pisa, Italy
Abstract :
In modern pervasive applications, it is important to validate access control mechanisms that are usually defined by means of the standard XACML language. Mutation analysis has been applied on access control policies for measuring the adequacy of a test suite. In this paper, we present a testing framework aimed at applying mutation analysis at the level of the Java based policy evaluation engine. A set of Java based mutation operators is selected and applied to the code of the Policy Decision Point (PDP). A first experiment shows the effectiveness of the proposed framework in assessing the fault detection of XACML test suites and confirms the efficacy of the application of code-based mutation operators to the PDP.
Keywords :
Java; authorisation; program diagnostics; program testing; ubiquitous computing; Java based mutation operators; Java based policy evaluation engine; PDP; access control system assessment; code-based mutation operators; fault detection; mutation testing analysis; policy decision point code; standard XACML language; Access control; Engines; Fault detection; Java; Proposals; Sun; Testing;
Conference_Titel :
TEchnical and LEgal aspects of data pRivacy and SEcurity, 2015 IEEE/ACM 1st International Workshop on
Conference_Location :
Florence
Print_ISBN :
978-1-4673-7097-4
DOI :
10.1109/TELERISE.2015.10
