Similarity testing for access control

  title={Similarity testing for access control},
  author={Antonia Bertolino and Said Daoudagh and Donia El Kateb and Christopher Henard and Yves Le Traon and Francesca Lonetti and Eda Marchetti and Tejeddine Mouelhi and Mike Papadakis},
  journal={Information & Software Technology},
Context: Access Control is among the most important security mechanisms, and XACML is the de facto standard for specifying, storing and deploying access control policies. Since it is critical that enforced policies are correct, policy testing must be performed in an effective way to identify potential security flaws and bugs. In practice, exhaustive testing is impossible due to budget constraints. Therefore the tests need to be prioritized so that resources are focused on their most relevant… CONTINUE READING


Publications referenced by this paper.
Showing 1-10 of 39 references

Automated test generation for access control policies

OOPSLA Companion • 2006
View 4 Excerpts
Highly Influenced

A Similarity Measure for Comparing XACML Policies

IEEE Transactions on Knowledge and Data Engineering • 2013
View 1 Excerpt

Assessing Software Product Line Testing Via Model-Based Mutation: An Application to Similarity Testing

2013 IEEE Sixth International Conference on Software Testing, Verification and Validation Workshops • 2013
View 2 Excerpts

Bridging the gap between the total and additional test-case prioritization strategies

L. Zhang, D. Hao, G. Rothermel, H. Mei
in: Proc. of the International Conference on Software Engineering (ICSE) • 2013


A. Bertolino, S. Daoudagh, F. Lonetti
Marchetti., XACMUT: XACML 2.0 Mutants Generator, in: Proc. of 8th International Workshop on Mutation Analysis • 2013
View 3 Excerpts

Automatic XACML Requests Generation for Policy Testing

2012 IEEE Fifth International Conference on Software Testing, Verification and Validation • 2012
View 6 Excerpts

Similar Papers

Loading similar papers…