Testing of PolPA authorization systems

2012 7th International Workshop on Automation of Software Test, AST 2012 - Proceedings

Volumn , Issue , 2012, Pages 8-14

  Bertolino, Antonia ^a   Daoudagh, Said ^a   Lonetti, Francesca ^a   Marchetti, Eda ^a   Martinelli, Fabio ^b   Mori, Paolo ^b  

^a ISTI CNR   (Italy)

^b Istituto di informatica e telematica del Consiglio nazionale delle ricerche   (Italy)

Author keywords

Authorization systems; PolPA language; request generation; testing

Indexed keywords

AUTHORIZATION SYSTEMS; AUTOMATIC GENERATION; ERROR PRONES; FAULT MODEL; POLICY DECISION POINTS; POLICY SPECIFICATION; POLPA LANGUAGE; REQUEST GENERATION; TEST FRAMEWORK; TEST STRATEGIES; TESTING FRAMEWORK; VERIFICATION AND TESTING;

TESTING;

SOFTWARE TESTING;

EID: 84864272683     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IWAST.2012.6228997     Document Type: Conference Paper

References (13)

1. F. Martinelli and P. Mori, "On usage control for grid systems," Future Generation Computer Systems, vol. 26, no. 7, pp. 1032-1042, 2010.
2. A. Castrucci, F. Martinelli, P. Mori, and F. Roperti, "Enhancing Java ME Security Support with Resource Usage Monitoring," in Proc. of ICICS 08, vol. 5308, pp. 256-266.
3. M. Colombo, F. Martinelli, P. Mori, B. Martini, M. Gharbaoui, and P. Castoldi, "Extending resource access in multiprovider networks using trust management," Journal of Comp. Net. and Comm. (IJCNC), vol. 3, no. 3, pp. 133-147, 2011.
4. Y. Jia and M. Harman, "An Analysis and Survey of the Development of Mutation Testing," IEEE Transactions on Software Engineering, vol. 37, no. 5, pp. 649-678, 2011.
5. R. Sandhu and J. Park., "The UCONABC usage control model," ACM Transactions on Information and System Security, vol. 7, no. 1, pp. 128-174, 2004.
6. X. Zhang, F. Parisi-presicce, and R. Sandhu, "Formal model and policy specification of usage control," ACM Trans. on Inf. and Systems Security, vol. 8, no. 4, pp. 351-387, 2005.
7. A. Petrenko, "Fault model-driven test derivation from finite state models: Annotated bibliography," in Proc. of the 4th Summer School on Modeling and Verification of Parallel Processes, 2001, pp. 196-205.
8. L. Shan and H. Zhu, "Generating structurally complex test cases by data mutation: A case study of testing an automated modelling tool," Comp. Jour., vol. 52, pp. 571-588, 2007.
9. E. Martin and T. Xie, "A fault model and mutation testing of access control policies," in Proc. of WWW '07, pp. 667-676.
10. A. Bertolino, F. Lonetti, and E. Marchetti, "Systematic XACML Request Generation for Testing Purposes," in Proc. of 36th EUROMICRO Conference, 2010, pp. 3-11.
11. A. Pretschner, T. Mouelhi, and Y. Le Traon, "Model-based tests for access control policies," in Proc. of ICST, 2008, pp. 338-347.
12. E. Martin and T. Xie, "Automated test generation for access control policies via change-impact analysis," in Proc. of SESS, 2007, pp. 5-12.
13. M. Büchler, J. Oudinet, and A. Pretschner, "Security mutants for property-based testing," in Proc. of TAP, 2011, pp. 69-77.