loading
Papers

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Antonia Bertolino ; Said Daoudagh ; Francesca Lonetti and Eda Marchetti

Affiliation: Istituto di Scienza e Tecnologie dell’Informazione “A. Faedo”, Italy

ISBN: 978-989-8565-08-2

Keyword(s): XACML, Policy Testing, XACML Requests Derivation.

Related Ontology Subjects/Areas/Topics: Access Control ; Data Engineering ; Databases and Data Security ; Information and Systems Security ; Internet Technology ; Web Information Systems and Technologies ; XML and Data Management

Abstract: The specification of access control policies with the XACML language could be an error prone process, so a testing is usually the solution for increasing the confidence on the policy itself. In this paper, we compare two methodologies for deriving test cases for policy testing, i.e. XACML requests, that are implemented in the X-CREATE tool. We consider a simple combinatorial strategy and a XML-based approach (XPT) which exploit policy values and the XACML Context Schema. A stopping criterion for the test cases generation is also provided and used for the comparison of the strategies in terms of fault detection effectiveness.

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 34.204.200.74

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Bertolino, A.; Daoudagh, S.; Daoudagh, Said and Marchetti, E. (2012). THE X-CREATE FRAMEWORK - A Comparison of XACML Policy Testing Strategies.In Proceedings of the 8th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-8565-08-2, pages 155-160. DOI: 10.5220/0003938301550160

@conference{webist12,
author={Antonia Bertolino. and Said Daoudagh. and Daoudagh, Said and Eda Marchetti.},
title={THE X-CREATE FRAMEWORK - A Comparison of XACML Policy Testing Strategies},
booktitle={Proceedings of the 8th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2012},
pages={155-160},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003938301550160},
isbn={978-989-8565-08-2},
}

TY - CONF

JO - Proceedings of the 8th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - THE X-CREATE FRAMEWORK - A Comparison of XACML Policy Testing Strategies
SN - 978-989-8565-08-2
AU - Bertolino, A.
AU - Daoudagh, S.
AU - Daoudagh, Said
AU - Marchetti, E.
PY - 2012
SP - 155
EP - 160
DO - 10.5220/0003938301550160

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.