Test generation for network security rules

Authors:
Vianney Darmaillacq;Jean-Claude Fernandez;Roland Groz;Laurent Mounier;Jean-Luc Richier
Affiliations:
Laboratoire LSR-IMAG, St Martin d'Hères, France;Laboratoire Vérimag, Centre Equation, Gières, France;Laboratoire LSR-IMAG, St Martin d'Hères, France;Laboratoire Vérimag, Centre Equation, Gières, France;Laboratoire LSR-IMAG, St Martin d'Hères, France
Venue:
TestCom'06 Proceedings of the 18th IFIP TC6/WG6.1 international conference on Testing of Communicating Systems
Year:
2006

Citing 7
Cited 8

A policy description language

AAAI '99/IAAI '99 Proceedings of the sixteenth national conference on Artificial intelligence and the eleventh Innovative applications of artificial intelligence conference innovative applications of artificial intelligence
The Ponder Policy Specification Language

POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
A stratification-based approach for handling conflicts in access control

Proceedings of the eighth ACM symposium on Access control models and technologies
Organization based access control

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Nomad: A Security Model with Non Atomic Actions and Deadlines

CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
The temporal logic of programs

SFCS '77 Proceedings of the 18th Annual Symposium on Foundations of Computer Science
Firewall conformance testing

TestCom'05 Proceedings of the 17th IFIP TC6/WG 6.1 international conference on Testing of Communicating Systems

A formal approach for testing security rules

Proceedings of the 12th ACM symposium on Access control models and technologies
Dynamic Observers for the Synthesis of Opaque Systems

ATVA '09 Proceedings of the 7th International Symposium on Automated Technology for Verification and Analysis
Automatic Testing of Access Control for Security Properties

TESTCOM '09/FATES '09 Proceedings of the 21st IFIP WG 6.1 International Conference on Testing of Software and Communication Systems and 9th International FATES Workshop
More testable properties

ICTSS'10 Proceedings of the 22nd IFIP WG 6.1 international conference on Testing software and systems
Security mutants for property-based testing

TAP'11 Proceedings of the 5th international conference on Tests and proofs
Synthesis of opaque systems with static and dynamic masks

Formal Methods in System Design
A test calculus framework applied to network security policies

FATES'06/RV'06 Proceedings of the First combined international conference on Formal Approaches to Software Testing and Runtime Verification
A compositional testing framework driven by partial specifications

TestCom'07/FATES'07 Proceedings of the 19th IFIP TC6/WG6.1 international conference, and 7th international conference on Testing of Software and Communicating Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Checking that a security policy has been correctly deployed over a network is a key issue for system administrators. Since policies are usually expressed by rules, we propose a method to derive tests from a set of rules with a single modality. For each element of our language and each type of rule, we propose a pattern of test, which we call a tile. We then combine those tiles into a test for the whole rule.