XACML Language; Access control systems; Model-based-testing
Abstract :
[en] In access control systems, aimed at regulating the accesses to protected data and resources, a critical component
is the Policy Decision Point (PDP), which grants or denies the access according to the defined policies.
Due to the complexity of the standard language, it is recommended to rely on model-driven approaches which
allow to overcome difficulties in the XACML policy definition. We provide in this paper a toolchain that
involves a model-driven approach to specify and generate XACML policies and also enables automated testing
of the PDP component. We use XACML-based testing strategies for generating appropriate test cases
which are able to validate the functional aspects, constraints, permissions and prohibitions of the PDP. An
experimental assessment of the toolchain and its use on a realistic case study are also presented.
Disciplines :
Computer science
Author, co-author :
Daoudagh, Said; Istituto di Scienza e Tecnologie dell’Informazione “A. Faedo”
El Kateb, Donia ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Lonetti, Francesca; Istituto di Scienza e Tecnologie dell’Informazione “A. Faedo”
Marchetti, Eda; Istituto di Scienza e Tecnologie dell’Informazione “A. Faedo”