Synthesising verified access control systems in XACML

Zhang, Nan; Ryan, Mark; Guelev, Dimitar P.

doi:10.1145/1029133.1029141

Cited by 37 publications

(30 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Fisler et al [14] developed a tool called Margrave that uses multi-terminal binary decision diagrams [9] to verify user-specified properties and perform change-impact analysis. Zhang et al [29] developed a model-checking algorithm and tool support to evaluate access control policies written in RW languages, which can be converted to XACML [28]. Given an XACML policy and generic properties, our proposed approach conducts conformance checking statically by automatically synthesizing concrete properties for static policy verification (based on Margrave [14]).…”

Section: Related Workmentioning

confidence: 99%

Conformance Checking of Access Control Policies Specified in XACML

Martin

Hwang

et al. 2007

31st Annual International Computer Software and Applications Conference - Vol. 2 - (COMPSAC 2007)

View full text Add to dashboard Cite

show abstract

Section: Related Workmentioning

confidence: 99%

Conformance Checking of Access Control Policies Specified in XACML

Martin

Hwang

et al. 2007

31st Annual International Computer Software and Applications Conference - Vol. 2 - (COMPSAC 2007)

View full text Add to dashboard Cite

show abstract

“…We have applied the coverage-measurement tool on the whole set of the XACML committee specification conformance test suite [6] and a conference paper review system's policy and its requests developed by Zhang et al [41]. The XACML conformance test suite includes 337 distinct policies 4 , 374 requests, their expected responses from the application of the policies.…”

Section: Empirical Study Of Manually Generated Requests' Policy Coveragementioning

confidence: 99%

“…The conference paper review system's policy specified by Zhang et al [41] has 11 requests and 15 rules, which have 10 conditions. These 10 conditions involve the execution of SQL statements that access an external database.…”

Section: Empirical Study Of Manually Generated Requests' Policy Coveragementioning

confidence: 99%

Defining and Measuring Policy Coverage in Testing Access Control Policies

Martin

Xie

2006

Information and Communications Security

View full text Add to dashboard Cite

Abstract. To facilitate managing access control in a system, security officers increasingly write access control policies in specification languages such as XACML, and use a dedicated software component called a Policy Decision Point (PDP). To increase confidence on written policies, certain types of policy testing (often in an ad hoc way) are usually conducted, which probe the PDP with some typical requests and check PDP's responses against expected ones. This paper develops a first step toward systematic policy testing by defining and measuring policy coverage when testing policies. We have developed a coverage-measurement tool to measure policy coverage given a set of XACML policies and a set of requests. We have developed a tool for request generation, which randomly generates requests for a given set of policies, and a tool for request reduction, which greedily selects a nearly minimal set of requests for achieving the same coverage as the originally generated requests. To evaluate coverage-based request reduction and its effect on fault detection, we have conducted an experiment with mutation testing on a set of real policies. Our experimental results show that the coverage-based test reduction can substantially reduce the size of generated requests and incur only relatively low loss on fault detection. We also conduct a study on the policy coverage achieved by manually generated requests.

show abstract

“…As demonstrated by many authors, formal methods have a role to play in this area, with examples including the work of [8] and [9]-both of which are concerned with the modelling and analysis of XACML. Even when the requirements for an access control policy are well understood, it is still possible for mistakes to be made: the flexibility of policy languages increases the potential for mistakes due, in part, to their expressiveness.…”

Section: Introductionmentioning

confidence: 99%

Conformance Checking of Dynamic Access Control Policies

Power

Slaymaker

Simpson

2011

Formal Methods and Software Engineering

View full text Add to dashboard Cite

Abstract. The capture, deployment and enforcement of appropriate access control policies are crucial aspects of many modern software-based systems. Previously, there has been a significant amount of research undertaken with respect to the formal modelling and analysis of access control policies; however, only a limited proportion of this work has been concerned with dynamic policies. In this paper we explore techniques for the modelling, analysis and subsequent deployment of such policies-which may rely on external data. We use the Alloy modelling language to describe constraints on policies and external data; utilising these constraints, we test static instances constructed from the current state of the external data. We present Gauge, a constraint checker for static instances that has been developed to be complementary to Alloy, and show how it is possible to test systems of much greater complexity via Gauge than can typically be handled by a model finder.

show abstract

Synthesising verified access control systems in XACML

Cited by 37 publications

References 5 publications

Conformance Checking of Access Control Policies Specified in XACML

Conformance Checking of Access Control Policies Specified in XACML

Defining and Measuring Policy Coverage in Testing Access Control Policies

Conformance Checking of Dynamic Access Control Policies

Contact Info

Product

Resources

About