Model-Based Tests for Access Control Policies
Résumé
We present a model-based approach to testing access control requirements. By using combinatorial testing, we first automatically generate test cases from and without access control policies- i.e., the model and assess the effectiveness of the test suites by means of mutation testing. We also compare them to purely random tests. For some of the investigated strategies, non-random tests kill considerably more mutants than the same number of random tests. Since we rely on policies only, no information on the application is required at this stage. As a consequence, our methodol- ogy applies to arbitrary implementations of the policy decision points
Domaines
Génie logiciel [cs.SE]
Origine : Fichiers produits par l'(les) auteur(s)
Loading...