Reference : Coverage-based Test Cases Selection for XACML Policies
Scientific congresses, symposiums and conference proceedings : Paper published in a journal
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/25154
Coverage-based Test Cases Selection for XACML Policies
English
Bertolino, Antonia [CNR, Ist Sci & Tecnol Informaz A Faedo, I-56100 Pisa, Italy.]
Le Traon, Yves mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Lonetti, Francesca [CNR, Ist Sci & Tecnol Informaz A Faedo, I-56100 Pisa, Italy.]
Marchetti, Eda [CNR, Ist Sci & Tecnol Informaz A Faedo, I-56100 Pisa, Italy.]
Mouelhi, Tejeddine [Univ Luxembourg, Interdisciplinary Ctr Secur Reliabil & Trust SnT, Luxembourg, Luxembourg.]
2014
IEEE International Conference on Software Testing Verification and Validation Workshops
Ieee
2014 SEVENTH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION WORKSHOPS (ICSTW 2014)
12-21
Yes
International
2159-4848
New York
7th IEEE International Conference on Software Testing, Verification and Validation (ICST)
MAR 31-APR 04, 2014
IEEE Comp Soc, IEEE, ABB
Cleveland
OH
[en] coverage criterion ; test selection ; XACML based access control systems ; Access control policies ; Coverage criteria ; Critical tasks ; De facto standard ; Mutation analysis ; Mutation score ; Test selection ; XACML policies
[en] XACML is the de facto standard for implementing access control policies. Testing the correctness of policies is a critical task. The test of XACML policies involves running requests and checking manually the correct response. It is therefore important to reduce the manual test effort by automatically selecting the most important requests to be tested. This paper introduces the XACML smart coverage selection approach, based on a proposed XACML policy coverage criterion. The approach is evaluated using mutation analysis and is compared on the one side with a not-reduced test suite, on the other with random and greedy optimal test selection approaches. We performed the evaluation on a set of six real world policies. The results show that our selection approach can reach good mutation scores, while significantly reducing the number of tests to be run.
http://hdl.handle.net/10993/25154
10.1109/ICSTW.2014.49
978-0-7695-5194-4

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
Coverage-based Test Cases Selection for XACML Policies.pdfPublisher postprint254.15 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.