J. Andrews, L. Briand, and Y. Labiche, Is Mutation an Appropriate Tool for Testing Experiments, Proc. ICSE, pp.402-411, 2005.

D. Basin, J. Doser, and T. Lodderstedt, Model driven security, ACM Transactions on Software Engineering and Methodology, vol.15, issue.1, pp.39-91, 2006.
DOI : 10.1145/1125808.1125810

R. Demillo, R. Lipton, and F. Sayward, Hints on Test Data Selection: Help for the Practicing Programmer, Computer, vol.11, issue.4, pp.34-41, 1978.
DOI : 10.1109/C-M.1978.218136

K. Fisler, S. Krishnamurthi, L. Meyerovich, and M. Tschantz, Verification and Change-Impact Analysis of Access Control Policies, Proc. ICSE, pp.196-205, 2005.

M. Grindal, J. Offutt, and S. Andler, Combination testing strategies: a survey, Software Testing, Verification and Reliability, vol.29, issue.3, 2004.
DOI : 10.1002/stvr.319

L. Traon, Y. Mouelhi, T. Baudry, and B. , Testing Security Policies: Going Beyond Functional Testing, The 18th IEEE International Symposium on Software Reliability (ISSRE '07), pp.93-102, 2007.
DOI : 10.1109/ISSRE.2007.27
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.127.3525

K. Li, L. Mounier, and R. Groz, Test Generation from Security Policies in OrBAC, Proc. COMPSAC, issue.2, pp.255-260, 2007.

W. Mallouli, J. Orset, A. Cavalli, N. Cuppens, and F. Cuppens, A formal approach for testing security rules, Proceedings of the 12th ACM symposium on Access control models and technologies , SACMAT '07, pp.127-132, 2007.
DOI : 10.1145/1266840.1266860

E. Martin and T. Xie, A fault model and mutation testing of access control policies, Proceedings of the 16th international conference on World Wide Web , WWW '07, pp.667-676, 2007.
DOI : 10.1145/1242572.1242663

E. Martin and T. Xie, Automated Test Generation for Access Control Policies via Change-Impact Analysis, Third International Workshop on Software Engineering for Secure Systems (SESS'07: ICSE Workshops 2007), pp.5-11, 2007.
DOI : 10.1109/SESS.2007.5

T. Mouelhi, L. Traon, Y. Baudry, and B. , Mutation Analysis for Security Tests Qualification, Testing: Academic and Industrial Conference Practice and Research Techniques, MUTATION (TAICPART-MUTATION 2007), pp.233-242, 2007.
DOI : 10.1109/TAIC.PART.2007.21

A. Pretschner and J. Philipps, 10 Methodological Issues in Model-Based Testing, Model- Based Testing of Reactive Systems, pp.281-291, 2005.
DOI : 10.1007/11498490_13

R. Sandhu, E. Coyne, H. Feinstein, and C. Youman, Role-based access control models, Computer, vol.29, issue.2, pp.38-47, 1996.
DOI : 10.1109/2.485845

R. Sandhu and P. Samarati, Access control: principle and practice, IEEE Communications Magazine, vol.32, issue.9, pp.40-48, 1994.
DOI : 10.1109/35.312842

A. Williams and R. Probert, A practical strategy for testing pair-wise coverage of network interfaces, Proceedings of ISSRE '96: 7th International Symposium on Software Reliability Engineering, pp.246-254, 1996.
DOI : 10.1109/ISSRE.1996.558835

H. Zhu, P. Hall, and J. May, Software unit test coverage and adequacy, ACM Computing Surveys, vol.29, issue.4, pp.366-427, 1997.
DOI : 10.1145/267580.267590
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.93.7961