A toolchain for designing and testing XACML policies

Proceedings - IEEE 6th International Conference on Software Testing, Verification and Validation, ICST 2013

Volumn , Issue , 2013, Pages 495-496

  Bertolino, Antonia ^a   Busch, Marianne ^b   Daoudagh, Said ^a   Koch, Nora ^b   Lonetti, Francesca ^a   Marchetti, Eda ^a  

^a ISTI CNR   (Italy)

^b UNIVERSITY OF MUNICH   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL MECHANISM; ACCESS CONTROL POLICIES; MODEL DRIVEN APPROACH; SECURITY MECHANISM; XACML POLICIES;

ACCESS CONTROL;

SOFTWARE TESTING;

EID: 84883334900     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICST.2013.70     Document Type: Conference Paper

References (5)

1. OASIS, "eXtensible Access Control Markup Language (XACML) Version 2.0," http://docs.oasisopen. org/xacml/2.0/access control-xacml-2.0-core- specos. pdf, February 1 Feb 2005.
2. F. Massacci and N. Zannone, "A model-driven approach for the specification and analysis of access control policies," in Proc. of the OTM Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE, 2008, pp. 1087-1103.
3. A. Pretschner, T. Mouelhi, and Y. Le Traon, "Model-based tests for access control policies," in Proc. of ICST, 2008, pp. 338-347.
4. M. Busch, A. Knapp, and N. Koch, "Modeling Secure Navigation in Web Information Systems," in BIR, ser. LNBIP 90. Springer, 2011, pp. 239-253.
5. A. Bertolino, S. Daoudagh, F. Lonetti, and E. Marchetti, "The X-CREATE framework: a comparison of XACML policy testing strategies," in Proc. of WEBIST, 2012, pp. 155-160.