Available on ORBilu since
03 March 2016
Paper published in a journal (Scientific congresses, symposiums and conference proceedings)
Coverage-based Test Cases Selection for XACML Policies
Bertolino, Antonia; Le Traon, Yves; Lonetti, Francesca et al.
2014In IEEE International Conference on Software Testing Verification and Validation Workshops, p. 12-21
Peer reviewed
 

Files


Full Text
Coverage-based Test Cases Selection for XACML Policies.pdf
Publisher postprint (260.25 kB)

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
coverage criterion; test selection; XACML based access control systems; Access control policies; Coverage criteria; Critical tasks; De facto standard; Mutation analysis; Mutation score; XACML policies
Abstract :
[en] XACML is the de facto standard for implementing access control policies. Testing the correctness of policies is a critical task. The test of XACML policies involves running requests and checking manually the correct response. It is therefore important to reduce the manual test effort by automatically selecting the most important requests to be tested. This paper introduces the XACML smart coverage selection approach, based on a proposed XACML policy coverage criterion. The approach is evaluated using mutation analysis and is compared on the one side with a not-reduced test suite, on the other with random and greedy optimal test selection approaches. We performed the evaluation on a set of six real world policies. The results show that our selection approach can reach good mutation scores, while significantly reducing the number of tests to be run.
Disciplines :
Computer science
Author, co-author :
Bertolino, Antonia;  CNR, Ist Sci & Tecnol Informaz A Faedo, I-56100 Pisa, Italy.
Le Traon, Yves ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Lonetti, Francesca;  CNR, Ist Sci & Tecnol Informaz A Faedo, I-56100 Pisa, Italy.
Marchetti, Eda;  CNR, Ist Sci & Tecnol Informaz A Faedo, I-56100 Pisa, Italy.
Mouelhi, Tejeddine;  Univ Luxembourg, Interdisciplinary Ctr Secur Reliabil & Trust SnT, Luxembourg, Luxembourg.
External co-authors :
yes
Language :
English
Title :
Coverage-based Test Cases Selection for XACML Policies
Publication date :
2014
Event name :
7th IEEE International Conference on Software Testing, Verification and Validation (ICST)
Event organizer :
IEEE Comp Soc, IEEE, ABB
Event place :
Cleveland, United States - Ohio
Event date :
MAR 31-APR 04, 2014
Audience :
International
Journal title :
IEEE International Conference on Software Testing Verification and Validation Workshops
ISSN :
2159-4848
Publisher :
Ieee, New York, Unknown/unspecified
Special issue title :
2014 SEVENTH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION WORKSHOPS (ICSTW 2014)
Pages :
12-21
Peer reviewed :
Peer reviewed
Commentary :
978-0-7695-5194-4

Statistics


Number of views
120 (2 by Unilu)
Number of downloads
297 (8 by Unilu)

Scopus citations®
 
20
Scopus citations®
without self-citations
12
WoS citations
 
15

Bibliography


Similar publications



Contact ORBilu