Abstract | ||
---|---|---|
Security policy testing is a practical way to ensure security policies are correctly implemented in information or networking systems with a certain level of confidence. In this paper, we adapt model based testing techniques for formal models of security policies, and propose a two stage approach to produce test cases from a security policy specified in Or-BAC, i.e., test purpose generation from Or-BAC rules, and test case generation from test purposes. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1109/COMPSAC.2007.210 | COMPSAC (2) |
Keywords | Field | DocType |
test case,test case generation,program testing,networking system,security policy testing,certain level,security policy,organization-based access control,authorisation,or-bac rule,test purpose,test generation,security policies,test purpose generation,formal model,information security,model based testing,concurrent computing,computer applications,real time systems,computer security,system testing,unified modeling language,computer science | Security testing,Network security policy,Computer science,Software security assurance,Computer security,Security engineering,Information security standards,Security service,Security information and event management,Computer security model | Conference |
Volume | ISSN | ISBN |
2 | 0730-3157 | 0-7695-2870-8 |
Citations | PageRank | References |
22 | 0.99 | 7 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Keqin Li | 1 | 111 | 7.80 |
Laurent Mounier | 2 | 1187 | 79.54 |
Roland Groz | 3 | 496 | 50.60 |