Conformance Checking of Access Control Policies Specified in XACML

Hu, Vincent C.; Martin, Evan; Hwang, JeeHyun; Xie, Tao

doi:10.1109/compsac.2007.96

Cited by 47 publications

(30 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…At the origin of this work are [8], [9], [10] which study testing access control languages. Other studies proposed techniques and tools for testing the PDP implementation of security policies written in XACML [11], [19] and RBAC [20], [21]. Fisler et al [22] proposes Magrave, a tool for analyzing XACML policies and performing change-impact analysis.…”

Section: B Mutation Resultsmentioning

confidence: 99%

Testing Obligation Policy Enforcement Using Mutation Analysis

Elrakaiby

Mouelhi

Traon

2012

2012 IEEE Fifth International Conference on Software Testing, Verification and Validation

View full text Add to dashboard Cite

Abstract-The support of obligations with access control policies allows the expression of more sophisticated requirements such as usage control, availability and privacy. In order to enable the use of these policies, it is crucial to ensure their correct enforcement and management in the system. For this reason, this paper introduces a set of mutation operators for obligation policies. The paper first identifies key elements in obligation policy management, then presents mutation operators which injects minimal errors which affect these aspects. Test cases are qualified w.r.t. their ability in detecting problems, simulated by mutation, in the interactions between policy management and the application code. The use of policy mutants as substitutes for real flaws enables a first investigation of testing obligation policies in a system. We validate our work by providing an implementation of the mutation process: the experiments conducted on a Java program provide insights for improving test selection.

show abstract

Section: B Mutation Resultsmentioning

confidence: 99%

Testing Obligation Policy Enforcement Using Mutation Analysis

Elrakaiby

Mouelhi

Traon

2012

2012 IEEE Fifth International Conference on Software Testing, Verification and Validation

View full text Add to dashboard Cite

show abstract

“…In addition, as future work, we plan to perform an empirical study to compare our approach to other similar approaches [25], [26]. In addition, other approaches (like for instance [24], [27], [28]), which are more generic than ours could be also taken into consideration and compared to our proposed approach.…”

Section: Discussionmentioning

confidence: 99%

“…The policy target (lines [5][6][7][8][9][10][11][12] says that this policy applies to any subject, any action, any environment and the "books" resource. This policy has a first rule (ruleA) (lines 13-34) with a target (lines [14][15][16][17][18][19][20][21][22][23][24][25][26][27][28][29][30][31][32][33] specifying that this rule applies only to the access requests of a "read" action of "books", and "documents" resources with any environment. The effect of the second rule (ruleB) (lines 35-50) is Permit when the subject is "Julius", the action is "write", the resource and environment are any resource and any environment respectively.…”

Section: Xacml Languagementioning

confidence: 99%

Coverage-Based Test Cases Selection for XACML Policies

Bertolino

Traon²,

Lonetti

et al. 2014

2014 IEEE Seventh International Conference on Software Testing, Verification and Validation Workshops

View full text Add to dashboard Cite

Abstract-XACML is the de facto standard for implementing access control policies. Testing the correctness of policies is a critical task. The test of XACML policies involves running requests and checking manually the correct response. It is therefore important to reduce the manual test effort by automatically selecting the most important requests to be tested. This paper introduces the XACML smart coverage selection approach, based on a proposed XACML policy coverage criterion. The approach is evaluated using mutation analysis and is compared on the one side with a not-reduced test suite, on the other with random and greedy optimal test selection approaches. We performed the evaluation on a set of six real world policies. The results show that our selection approach can reach good mutation scores, while significantly reducing the number of tests to be run.

show abstract

“…In [12] Hu et al propose an approach for conducting conformance checking of access control policies, specified in XACML and they also propose an implementation of conformance checking based on previous XACML policy verification and testing tools. The work is based on a fault model [13], a structural coverage measurement tool for defining policy coverage metrics [15] and a test generator [14], developed by two of the authors in their former work.…”

Section: Testingmentioning

confidence: 99%

A Formal Equivalence Classes Based Method for Security Policy Conformance Checking

Hermann

Litschauer

Fuß

2012

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Different security policy models have been developed and published in the past. Proven security policy models, if correctly implemented, guarantee the protection of data objects from unauthorized access or usage or prevent an illegal information flow. To verify that a security policy model has been correctly implemented, it is important to define and execute an exhaustive list of test cases, which verify that the formal security policy neither has been over-constrained nor underconstrained. In this paper we present a method for defining an exhaustive list of test cases, based on formally described equivalence classes that are derived from the formal security policy description.

show abstract

Conformance Checking of Access Control Policies Specified in XACML

Abstract: Abstract

Cited by 47 publications

References 22 publications

Testing Obligation Policy Enforcement Using Mutation Analysis

Testing Obligation Policy Enforcement Using Mutation Analysis

Coverage-Based Test Cases Selection for XACML Policies

A Formal Equivalence Classes Based Method for Security Policy Conformance Checking

Contact Info

Product

Resources

About