DSpace@nitr >
National Institue of Technology- Rourkela >
Conference Papers >

Please use this identifier to cite or link to this item: http://hdl.handle.net/2080/1227

Title: A Fault Model for Testing the Access Control Policies using Classified Mutation Operator
Authors: Sharma, S
Jena, S K
Keywords: Access control policies
hange-impact analysis
mutation operator
mutation testing
XACML
Issue Date: Dec-2009
Publisher: Tata McGraw Hill Education Private Limited, New Delhi
Citation: Proceedings of 12th International Conference on Information Technology, ICIT2009, Dec 21-24, 2009, Bhubaneswar, India, P 60-65
Abstract: In today‚Äôs scenario any multiuser system need to implement access control for protecting its resources from unauthorized access or damage. With the help of separate policy specification language we can specify these access control policies. However, it is challenging to specify a correct access control policy and so, it is common for the security of a system to be compromised because of the incorrect specification of these policies. There are many ways in which a policy can be checked for correctness like, formal verification, analysis and testing. In this paper, a testing framework called ACPC (Access Control Policy Checker) has been introduced; we choose to illustrate the above technique using XACML language. We conduct extensive experiments using nine policy sets to evaluate the effectiveness of the above technique. The experimental result shows that ACPC can effectively generate requests to achieve high structural coverage of policies and outperforms random requests generation in t...
Description: Copyright belongs to Proceedings Publisher Tata McGraw-Hill
URI: http://hdl.handle.net/2080/1227
ISBN: 9780070680142
Appears in Collections:Conference Papers

Files in This Item:

File Description SizeFormat
Suraj-ICIT09.pdf924KbAdobe PDFView/Open

Show full item record

All items in DSpace are protected by copyright, with all rights reserved.

 

Powered by DSpace Feedback