Model-Based Tests for Access Control Policies

Abstract : We present a model-based approach to testing access control requirements. By using combinatorial testing, we first automatically generate test cases from and without access control policies- i.e., the model and assess the effectiveness of the test suites by means of mutation testing. We also compare them to purely random tests. For some of the investigated strategies, non-random tests kill considerably more mutants than the same number of random tests. Since we rely on policies only, no information on the application is required at this stage. As a consequence, our methodol- ogy applies to arbitrary implementations of the policy decision points
Type de document :
Communication dans un congrès
ICST 2008 : First IEEE International Conference on Software, Testing, Verification and Validation, April 9-11, Lillehammer, Norway, 2008, Lillehammer, Norway. 2008
Liste complète des métadonnées

Littérature citée [16 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/inria-00456952
Contributeur : Didier Vojtisek <>
Soumis le : mardi 16 février 2010 - 10:42:46
Dernière modification le : lundi 25 juin 2018 - 13:18:58
Document(s) archivé(s) le : vendredi 18 juin 2010 - 21:01:11

Fichier

mouelhi08a.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : inria-00456952, version 1

Citation

Alexander Pretschner, Tejeddine Mouelhi, Yves Le Traon. Model-Based Tests for Access Control Policies. ICST 2008 : First IEEE International Conference on Software, Testing, Verification and Validation, April 9-11, Lillehammer, Norway, 2008, Lillehammer, Norway. 2008. 〈inria-00456952〉

Partager

Métriques

Consultations de la notice

389

Téléchargements de fichiers

293