Please use this identifier to cite or link to this item:
Full metadata record
DC FieldValueLanguage
dc.contributor.authorSharma, S-
dc.contributor.authorJena, S K-
dc.identifier.citationProceedings of 12th International Conference on Information Technology, ICIT2009, Dec 21-24, 2009, Bhubaneswar, India, P 60-65en
dc.descriptionCopyright belongs to Proceedings Publisher Tata McGraw-Hillen
dc.description.abstractIn today’s scenario any multiuser system need to implement access control for protecting its resources from unauthorized access or damage. With the help of separate policy specification language we can specify these access control policies. However, it is challenging to specify a correct access control policy and so, it is common for the security of a system to be compromised because of the incorrect specification of these policies. There are many ways in which a policy can be checked for correctness like, formal verification, analysis and testing. In this paper, a testing framework called ACPC (Access Control Policy Checker) has been introduced; we choose to illustrate the above technique using XACML language. We conduct extensive experiments using nine policy sets to evaluate the effectiveness of the above technique. The experimental result shows that ACPC can effectively generate requests to achieve high structural coverage of policies and outperforms random requests generation in terms of policy structural coverage and fault-detection capability. We have used nine mutation operators to make the mutant policy for mutation testing. We found the better result by classify these mutation operator in to three classes. We got up to 98% of mutant killed by one class of mutation operator, these results shows that, above framework generates better request sets and the classification gives better performance in terms of computational cost.en
dc.format.extent946988 bytes-
dc.publisherTata McGraw Hill Education Private Limited, New Delhien
dc.subjectAccess control policiesen
dc.subjecthange-impact analysisen
dc.subjectmutation operatoren
dc.subjectmutation testingen
dc.titleA Fault Model for Testing the Access Control Policies using Classified Mutation Operatoren
dc.typeBook chapteren
Appears in Collections:Conference Papers

Files in This Item:
File Description SizeFormat 
Suraj-ICIT09.pdf924.79 kBAdobe PDFView/Open

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.