Access control policies are increasingly written in specification languages such as XACML. To increase confidence in the correctness of specified policies, policy developers can conduct policy testing to probe the Policy Decision Point (PDP) with some typical test inputs (in the form of requests) and check test outputs (in the form of responses) against expected ones. Unfortunately, manual test generation is tedious, and manually generated tests are often not sufficient to exercise various policy behaviors. In this paper, we present an efficient test generation approach and its supporting tool called Targen. We further reduce the number of generated requests based on structural coverage information to facilitate manual inspection. If a rule is unreachable due to an unsatisfiable set of constraints, it is redundant. We also present an approach for redundant-rule detection based on change-impact analysis and its supporting tool called Cirg. We have evaluated Targen on policies collected from various sources, some of which are complex policies being used in real systems. Our results show that Targen can effectively generate tests to achieve high structural coverage of policies and outperforms the existing random test generation in terms of structural coverage and fault-detection capability. Cirg can identify a large number of redundant rules among rules defined in a complex, real policy.