Modeling System Security Rules with Time Constraints Using Timed Extended Finite State Machines
DS-RT '08 Proceedings of the 2008 12th IEEE/ACM International Symposium on Distributed Simulation and Real-Time Applications
Towards a test cases generation method for security policies
ICT'09 Proceedings of the 16th international conference on Telecommunications
Dynamic deployment of context-aware access control policies for constrained security devices
Journal of Systems and Software
Information and Software Technology
A model-based approach to automated testing of access control policies
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Hi-index | 0.00 |
Security policy testing is a practical way to ensure security policies are correctly implemented in information or networking systems with a certain level of confidence. In this paper, we adapt model based testing techniques for formal models of security policies, and propose a two stage approach to produce test cases from a security policy specified in Or-BAC, i.e., test purpose generation from Or-BAC rules, and test case generation from test purposes.