Skip to Main content Skip to Navigation
Conference papers

Automatic Testing of Access Control for Security Properties

Abstract : In this work, we investigate the combination of controller synthesis and test generation techniques for the testing of open, partially observable systems with respect to security policies. We consider two kinds of properties: integrity properties and confidentiality properties. We assume that the behavior of the system is modeled by a labeled transition system and assume the existence of a black-box implementation. We first outline a method allowing to automatically compute an ideal access control ensuring these two kinds of properties. Then, we show how to derive testers that test the conformance of the implementation with respect to its specification, the correctness of the real access control that has been composed with the implementation in order to ensure a security property, and the security property itself.
Document type :
Conference papers
Complete list of metadata

Cited literature [15 references]  Display  Hide  Download
Contributor : Hervé Marchand Connect in order to contact the contributor
Submitted on : Friday, April 23, 2010 - 1:55:22 PM
Last modification on : Friday, February 4, 2022 - 3:09:12 AM
Long-term archiving on: : Friday, October 19, 2012 - 1:36:31 PM


Files produced by the author(s)




Hervé Marchand, Jérémy Dubreil, Thierry Jéron. Automatic Testing of Access Control for Security Properties. TESTCOM/FATES 2009, Nov 2009, Eindhoven, Netherlands. pp.113-128, ⟨10.1007/978-3-642-05031-2⟩. ⟨inria-00420424⟩



Record views


Files downloads