We present a model-based approach to testing access control requirements. By using combinatorial testing, we first automatically generate test cases from and without access contro...
Alexander Pretschner, Tejeddine Mouelhi, Yves Le T...
Policy testing and analysis are important techniques for high assurance of correct specification of access control policies. We propose a set of testing and analysis techniques fo...
To increase confidence in the correctness of specified policies, policy developers can conduct policy testing by supplying typical test inputs (requests) and subsequently checking...
Access control is one of the most fundamental and widely used security mechanisms. Access control mechanisms control which principals such as users or processes have access to whi...
Vincent C. Hu, Evan Martin, JeeHyun Hwang, Tao Xie
If access control policy decision points are not neatly separated from the business logic of a system, the evolution of a security policy likely leads to the necessity of changing...
Yves Le Traon, Tejeddine Mouelhi, Alexander Pretsc...