From model-checking to automated testing of security protocols: bridging the gap
TAP'12 Proceedings of the 6th international conference on Tests and Proofs
Hi-index | 0.00 |
Privacy policies are usually expressed at a high level using languages such as P3P, EPAL, which are independent of applications. To check if a system satisfies a privacy policy requires to link it with the behaviour of the system and its environment. We propose a framework which is based on models to support the automation of testing if a software system meets a policy. In our framework, policies and system's behaviour are expressed using formal models. These formal models are then combined and used to derive test cases. The main advantage of this approach is the automation of the testing process. We demonstrateits applicability via two examples.