To increase confidence in the correctness of specified policies, policy developers can conduct policy testing by supplying typical test inputs (requests) and subsequently checking...
Policy testing and analysis are important techniques for high assurance of correct specification of access control policies. We propose a set of testing and analysis techniques fo...
We present a model-based approach to testing access control requirements. By using combinatorial testing, we first automatically generate test cases from and without access contro...
Alexander Pretschner, Tejeddine Mouelhi, Yves Le T...
Access control policies are often specified in declarative languages. In this paper, we propose a novel approach, called mutation verification, to assess the quality of properties...
Evan Martin, JeeHyun Hwang, Tao Xie, Vincent C. Hu
In this paper, we consider typical applications in which the business logic is separated from the access control logic, implemented in an independent component, called the Policy ...