On Modeling and Testing Security Properties of Vehicular Networks

Aouadi, Mohamed H. E.; Toumi, Khalifa; Cavalli, Ana

doi:10.1109/icstw.2014.56

Cited by 3 publications

(3 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [6] the authors give an overview of existing security testing approaches and, based on that, develop a novel classification for model-based security testing along two criteria: risk and automation of test generation. [7] provides a solution for testing XACML described security policies. The integration is also done automatically.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Framework for Testing and Monitoring Security Policies: Application to an Electronic Voting System

Toumi

Aouadi

Cavalli

et al. 2018

The Computer Journal

Self Cite

View full text Add to dashboard Cite

show abstract

Section: Related Workmentioning

confidence: 99%

“…In the literature, we find several security testing and monitoring tools [3,4,5,6,7] that could be used to achieve the same security testing and monitoring objectives.…”

Section: Introductionmentioning

confidence: 99%

A Framework for Testing and Monitoring Security Policies: Application to an Electronic Voting System

Toumi

Aouadi

Cavalli

et al. 2018

The Computer Journal

Self Cite

View full text Add to dashboard Cite

show abstract

“…B1) and on the monitoring phase (block 3 in Fig. B1), while the details of the dynamic specification of security policies (Ayed et al, 2013;Horcas et al, 2014a) and the testing phases (Aouadi et al, 2014(Aouadi et al, , 2015 are beyond the scope of this paper. The next section presents the correlation that must be maintained between the security policies, the aspects, and the security properties.…”

Section: Testing For Vulnerabilities Detectionmentioning

confidence: 99%

An approach for deploying and monitoring dynamic security policies

Horcas

Pinto

Fuentes

et al. 2016

Computers & Security

View full text Add to dashboard Cite

Security policies are enforced through the deployment of certain security functionalities within the applications. When the security policies dynamically change, the associated security functionalities currently deployed within the applications must be adapted at runtime in order to enforce the new security policies. INTER-TRUST is a framework for the specification, negotiation, deployment and dynamic adaptation of interoperable security policies, in the context of pervasive systems where devices are constantly exchanging critical information through the network. The dynamic adaptation of the security policies at runtime is addressed using Aspect-Oriented Programming (AOP) that allows enforcing security requirements by dynamically weaving security aspects into the applications. However, a mechanism to guarantee the correct adaptation of the functionality that enforces the changing security policies is needed. In this paper, we present an approach based on the combination of monitoring and detection techniques in order to maintain the correlation between the security policies and the associated functionality deployed using AOP, allowing the INTER-TRUST framework to automatically react when needed.

show abstract

On Studying the Effectiveness of Extended Finite State Machine Based Test Selection Criteria

El-Fakih

Simão

Jadoon

et al. 2014

2014 IEEE Seventh International Conference on Software Testing, Verification and Validation Workshops

View full text Add to dashboard Cite

Many test selection criteria are considered for the derivation of functional tests for reactive systems and protocols modeled using formal techniques such as Extended Finite State Machines (EFSMs). In this paper, we consider three known EFSM specifications and analytically compare the effectiveness of many EFSM test suites. The assessment is conducted using EFSM mutants of these specifications, namely, EFSM mutants with single and double transfer faults. Test selection is based on deriving single transfer fault, double transfer faults, All- Transitions, Transition Tour, All-Predicates, and All-Uses of context variables test suites from the given EFSM specifications and their corresponding flow-graph representations. An order between these test suites (in terms of fault coverage) is establishedfor each considered type of faults. Data flow scores of the best performing test suites are also determined. Further, an initial assessment of test suites randomly generated from the considered EFSM specifications is reported.

show abstract

On Modeling and Testing Security Properties of Vehicular Networks

Cited by 3 publications

References 28 publications

A Framework for Testing and Monitoring Security Policies: Application to an Electronic Voting System

A Framework for Testing and Monitoring Security Policies: Application to an Electronic Voting System

An approach for deploying and monitoring dynamic security policies

On Studying the Effectiveness of Extended Finite State Machine Based Test Selection Criteria

Contact Info

Product

Resources

About