A framework for modelling and testing of security policies

@inproceedings{Brgger2012AFF,
  title={A framework for modelling and testing of security policies},
  author={Lukas Br{\"u}gger},
  year={2012},
  url={https://api.semanticscholar.org/CorpusID:63257537}
}
This thesis presents a uniform framework for modelling security policies and shows how this framework is used for model-based conformance testing of systems implementing these policies. It also provides powerful techniques to reason about policies and support for a tighter integration of tests and proofs.

Model-based Conformance Testing of Security Properties

A model-based test case generation approach is discussed that can be used for both testing the correctness of the security infrastructure as well as the conformance of its configuration to a high-level security policy.

Formal firewall conformance testing: an application of test and proof techniques

A formal model of both stateless and stateful firewalls (packet filters), including NAT, is presented to which a specification‐based conformance test case generation approach is applied and a verified optimisation technique for this approach is presented.

The Unified Policy Framework (UPF)

We present the Unified Policy Framework (UPF), a generic framework for modelling security (access-control) policies. UPF emphasizes the view that a policy is a policy decision function that grants or

Model-Based Testing for Network Security Protocol for E-Banking Application

The Kerberos V5 network authentication protocol is used in this research to demonstrate customers’ identity to a server (and the other way around) over an uncertain connection, and a password-based encryption algorithm is used for message exchange between client and Kerberos.

hol-TestGen/fw - An Environment for Specification-Based Firewall Conformance Testing

The hol-TestGen environment is conceived as a system for modeling and semi-automated test generation with an emphasis on expressive power and generality. However, its underlying technical framework

Verified Firewall Policy Transformations for Test Case Generation

This work derives a collection of semantics-preserving policy transformation rules and an algorithm that optimizes the specification with respect to the number of test cases required for path coverage from a formal model for firewall policies in higher-order logic.

Testing Privacy Policies Using Models

This work proposes a framework which is based on models to support the automation of testing if a software system meets a policy, and demonstrates its applicability via two examples.

Model Based Testing with Labelled Transition Systems

J. Tretmans, Computer Science, 2008
This tutorial chapter describes a model based testing theory where models are expressed as labelled transition systems, and compliance is defined with the 'ioco' implementation relation.

Testing Security Policies: Going Beyond Functional Testing

To quantify the effectiveness of a set of test cases in detecting security policy flaws, this work adapts mutation analysis and defines security policy mutation operators, confirming that security must become a specific target of testing to reach a satisfying level of confidence in security mechanisms.

A fault model and mutation testing of access control policies

A fault model for access control policies and a framework to explore it is presented, which includes mutation operators used to implement the fault model, mutant generation, equivalent-mutant detection, and mutant-killing determination, and a relationship between structural coverage and fault-detection effectiveness is determined.

An Automated Framework for Validating Firewall Policy Enforcement

This paper presents a framework for automatic testing of firewall policy enforcement or implementation using efficient random traffic and policy generation techniques, and describes the implementation of the framework, which includes policy generation, test case generation, capturing and analyzing firewall output, and creating detailed test reports.

Systematic Structural Testing of Firewall Policies

This work proposes a systematic structural testing approach for firewall policies to help ensure the correctness of a firewall policy, and develops three automated packet generation techniques: the random packet generation, the one based on local constraint solving, and the most sophisticated one based on global constraint solving.

Enabling verification and conformance testing for access control model

The methodology attempts to verify formal specifications of a role-based access control model and corresponding policies with selected security properties and systematically articulate testing cases from formal specifications to validate conformance to the system design and implementation.

Integrating formal verification and conformance testing for reactive systems

A methodology integrating verification and conformance testing of an extended input-output automaton and a set of safety properties and possibility properties, which is illustrated on simple examples and on a bounded retransmission protocol.

An approach to modular and testable security models of real-world health-care applications

We present a generic modular policy modelling framework and instantiate it with a substantial case study for model-based testing of some key security mechanisms of applications and services of the
...