In ICT systems and modern applications access control systems are important mechanisms for managing resources and data access. Their criticality requires high security levels and consequently, the application of effective and efficient testing approaches. In this paper we propose standardized guidelines for correctly and systematically performing the testing process in order to avoid errors and improve the effectiveness of the validation. We focus in particular on Controlled Experiments, and we provide here a characterization of the first three steps of the experiment process (i.e., Scoping, Planning and Operation) by the adoption of the Goal- Question-Metric template. The specialization of the three phases is provided through a concrete example.
Defining controlled experiments inside the access control environment
Daoudagh S;Marchetti E
2020
Abstract
In ICT systems and modern applications access control systems are important mechanisms for managing resources and data access. Their criticality requires high security levels and consequently, the application of effective and efficient testing approaches. In this paper we propose standardized guidelines for correctly and systematically performing the testing process in order to avoid errors and improve the effectiveness of the validation. We focus in particular on Controlled Experiments, and we provide here a characterization of the first three steps of the experiment process (i.e., Scoping, Planning and Operation) by the adoption of the Goal- Question-Metric template. The specialization of the three phases is provided through a concrete example.| File | Dimensione | Formato | |
|---|---|---|---|
|
prod_424528-doc_151403.pdf
accesso aperto
Descrizione: Defining controlled experiments inside the access control environment
Tipologia:
Versione Editoriale (PDF)
Licenza:
Creative commons
Dimensione
872.53 kB
Formato
Adobe PDF
|
872.53 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
