Fault coverage of Constrained Random Test Selection for access control: A formal analysis

Authors:
Ammar Masood;Arif Ghafoor;Aditya P. Mathur
Affiliations:
Avionics Engg Department, Institute of Avionics and Aeronautics, Air University, Islamabad, Pakistan;School of ECE, Purdue University, West Lafayette, IN 47906, United States;Department of Computer Science, Purdue University, West Lafayette, IN 47906, United States
Venue:
Journal of Systems and Software
Year:
2010

Citing 15
Cited 0

Test Selection Based on Finite State Models

IEEE Transactions on Software Engineering
On fault coverage of tests for finite state specifications

Computer Networks and ISDN Systems - Special issue on protocol testing
Using Coverage Information to Predict the Cost-Effectiveness of Regression Testing Strategies

IEEE Transactions on Software Engineering
Role activation hierarchies

RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Partition Testing vs. Random Testing: The Influence of Uncertainty

IEEE Transactions on Software Engineering
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
On Comparisons of Random, Partition, and Proportional Partition Testing

IEEE Transactions on Software Engineering
A survey of communication protocol testing

Journal of Systems and Software
Temporal Modeling of Software Test Coverage

COMPSAC '02 Proceedings of the 26th International Computer Software and Applications Conference on Prolonging Software Life: Development and Redevelopment
Automated Test Generation for Access Control Policies via Change-Impact Analysis

SESS '07 Proceedings of the Third International Workshop on Software Engineering for Secure Systems
Hints on Test Data Selection: Help for the Practicing Programmer

Computer
Testing Software Design Modeled by Finite-State Machines

IEEE Transactions on Software Engineering
Model-Based Tests for Access Control Policies

ICST '08 Proceedings of the 2008 International Conference on Software Testing, Verification, and Validation
Scalable and Effective Test Generation for Role-Based Access Control Systems

IEEE Transactions on Software Engineering
Access control: principle and practice

IEEE Communications Magazine

Quantified Score

Hi-index	0.00

Visualization

Abstract

A probabilistic model of fault coverage is presented. This model is used to analyze the variation in the fault detection effectiveness associated with the use of two test selection strategies: heuristics-based and Constrained Random Test Selection (CRTS). These strategies arise in the context of conformance test suite generation for Role Based Access Control (RBAC) systems. The proposed model utilizes coverage matrix based approach for fault coverage analysis. First, two boundary instances of fault distribution are considered and then generalized. The fault coverages of the test suites generated using the heuristics-based and the CRTS strategies, applied to a sample RBAC policy, are then compared through simulation. Finally the simulation results are correlated with a case study.