Please use this identifier to cite or link to this item:
http://hdl.handle.net/2080/1227
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Sharma, S | - |
dc.contributor.author | Jena, S K | - |
dc.date.accessioned | 2010-04-19T07:44:08Z | - |
dc.date.available | 2010-04-19T07:44:08Z | - |
dc.date.issued | 2009-12 | - |
dc.identifier.citation | Proceedings of 12th International Conference on Information Technology, ICIT2009, Dec 21-24, 2009, Bhubaneswar, India, P 60-65 | en |
dc.identifier.isbn | 9780070680142 | - |
dc.identifier.uri | http://hdl.handle.net/2080/1227 | - |
dc.description | Copyright belongs to Proceedings Publisher Tata McGraw-Hill | en |
dc.description.abstract | In today’s scenario any multiuser system need to implement access control for protecting its resources from unauthorized access or damage. With the help of separate policy specification language we can specify these access control policies. However, it is challenging to specify a correct access control policy and so, it is common for the security of a system to be compromised because of the incorrect specification of these policies. There are many ways in which a policy can be checked for correctness like, formal verification, analysis and testing. In this paper, a testing framework called ACPC (Access Control Policy Checker) has been introduced; we choose to illustrate the above technique using XACML language. We conduct extensive experiments using nine policy sets to evaluate the effectiveness of the above technique. The experimental result shows that ACPC can effectively generate requests to achieve high structural coverage of policies and outperforms random requests generation in terms of policy structural coverage and fault-detection capability. We have used nine mutation operators to make the mutant policy for mutation testing. We found the better result by classify these mutation operator in to three classes. We got up to 98% of mutant killed by one class of mutation operator, these results shows that, above framework generates better request sets and the classification gives better performance in terms of computational cost. | en |
dc.format.extent | 946988 bytes | - |
dc.format.mimetype | application/pdf | - |
dc.language.iso | en | - |
dc.publisher | Tata McGraw Hill Education Private Limited, New Delhi | en |
dc.subject | Access control policies | en |
dc.subject | hange-impact analysis | en |
dc.subject | mutation operator | en |
dc.subject | mutation testing | en |
dc.subject | XACML | en |
dc.title | A Fault Model for Testing the Access Control Policies using Classified Mutation Operator | en |
dc.type | Book chapter | en |
Appears in Collections: | Conference Papers |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
Suraj-ICIT09.pdf | 924.79 kB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.