«

»

Transforming and selecting functional test cases for security policy testing

by Tejeddine Mouelhi, Yves Le Traon, Benoit Baudry
Abstract:
In this paper, we consider typical applications in which the business logic is separated from the access control logic, implemented in an independent component, called the Policy Decision Point (PDP). The execution of functions in the business logic should thus include calls to the PDP, which grants or denies the access to the protected resources/functionalities of the system, depending on the way the PDP has been configured. The task of testing the correctness of the implementation of the security policy is tedious and costly. In this paper, we propose a new approach to reuse and automatically adapt existing functional test cases for specifically testing the security mechanisms. It includes a two step dynamic analysis technique based on mutation applied to security policies (RBAC, XACML, OrBAC). The method is applied to Java programs and provides tools for performing the two steps of the dynamic analyses. Three empirical case studies provide fruitful results and a first proof of concepts for this approach, e.g. by comparing its efficiency to an error-prone manual adaptation task.
Reference:
Transforming and selecting functional test cases for security policy testing (Tejeddine Mouelhi, Yves Le Traon, Benoit Baudry), In Proceedings of the International Conference on Software Testing, Verification and Validation (ICST), 2009.
Bibtex Entry:
@inproceedings{mouelhi09,
	Abstract = {In this paper, we consider typical applications in which the business
	logic is separated from the access control logic, implemented in
	an independent component, called the Policy Decision Point (PDP).
	The execution of functions in the business logic should thus include
	calls to the PDP, which grants or denies the access to the protected
	resources/functionalities of the system, depending on the way the
	PDP has been configured. The task of testing the correctness of the
	implementation of the security policy is tedious and costly. In this
	paper, we propose a new approach to reuse and automatically adapt
	existing functional test cases for specifically testing the security
	mechanisms. It includes a two step dynamic analysis technique based
	on mutation applied to security policies (RBAC, XACML, OrBAC). The
	method is applied to Java programs and provides tools for performing
	the two steps of the dynamic analyses. Three empirical case studies
	provide fruitful results and a first proof of concepts for this approach,
	e.g. by comparing its efficiency to an error-prone manual adaptation
	task.},
	keywords = {test, security},
	Author = {Mouelhi, Tejeddine and Le Traon, Yves and Baudry, Benoit},
	Booktitle = {Proceedings of the International Conference on Software Testing, Verification and Validation (ICST)},
	Month = {April},
	Title = {Transforming and selecting functional test cases for security policy testing},
	Url = {http://www.irisa.fr/triskell/publis/2009/mouelhi09.pdf},
	X-Country = {US},
	X-International-Audience = {yes},
	X-Language = {EN},
	X-Proceedings = {yes},
	Year = {2009},
	x-abbrv = {ICST},
}