Paper published in a journal (Scientific congresses, symposiums and conference proceedings)
Testing obligation policy enforcement using mutation analysis
Elrakaiby, Yehia; Mouelhi, Tejeddine; Le Traon, Yves
2012In Proceedings - IEEE 5th International Conference on Software Testing, Verification and Validation, ICST 2012, p. 673-680
Peer reviewed
 

Files


Full Text
Testing Obligation Policy.pdf
Publisher postprint (873.09 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Access control policies; Application codes; Java program; Key elements; Minimal errors; Mutation analysis; Mutation operators; Mutation process; Policy enforcement; Policy management; Test case; Test selection; Usage control; Access control; Java programming language; Software testing
Abstract :
[en] The support of obligations with access control policies allows the expression of more sophisticated requirements such as usage control, availability and privacy. In order to enable the use of these policies, it is crucial to ensure their correct enforcement and management in the system. For this reason, this paper introduces a set of mutation operators for obligation policies. The paper first identifies key elements in obligation policy management, then presents mutation operators which injects minimal errors which affect these aspects. Test cases are qualified w.r.t. their ability in detecting problems, simulated by mutation, in the interactions between policy management and the application code. The use of policy mutants as substitutes for real flaws enables a first investigation of testing obligation policies in a system. We validate our work by providing an implementation of the mutation process: the experiments conducted on a Java program provide insights for improving test selection. © 2012 IEEE.
Disciplines :
Computer science
Identifiers :
eid=2-s2.0-84862338768
Author, co-author :
Elrakaiby, Yehia ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Mouelhi, Tejeddine ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Le Traon, Yves ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
External co-authors :
yes
Language :
English
Title :
Testing obligation policy enforcement using mutation analysis
Publication date :
2012
Event name :
5th IEEE International Conference on Software Testing, Verification and Validation, ICST 2012
Event date :
17 April 2012 through 21 April 2012
Audience :
International
Journal title :
Proceedings - IEEE 5th International Conference on Software Testing, Verification and Validation, ICST 2012
Pages :
673-680
Peer reviewed :
Peer reviewed
Commentary :
90301 9780769546704
Available on ORBilu :
since 03 April 2016

Statistics


Number of views
89 (0 by Unilu)
Number of downloads
163 (0 by Unilu)

Scopus citations®
 
16
Scopus citations®
without self-citations
11

Bibliography


Similar publications



Contact ORBilu