Systematic XACML request generation for testing purposes

Bertolino A; Lonetti F; Marchetti E
2010

Abstract

A widely adopted security mechanism is the specification of access control policies by means of the XACML language. In this paper, we propose a framework, called X-CREATE, for the systematic generation of test inputs (XACML requests). Unlike existing tools, X-CREATE exploits the XACML Context Schema. In particular, the tool applies an XML-based methodology (XPT) to systematically produce a set of intermediate instances covering the XACML Context Schema. Moreover, for request generation, X-CREATE applies a procedure for parsing the policy under test and assigning values to the generated intermediate instances. The aim of the proposed framework is twofold: testing of policy evaluation engines and testing of access control policies. The experimental results show that the fault detection effectiveness of X-CREATE is similar to or higher than that of existing approaches.
Istituto di Scienza e Tecnologie dell'Informazione "Alessandro Faedo" - ISTI
978-1-4244-7901-6
Testing and Debugging
Reliability and Testing
XACML
Test suite generation
Policy testing

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.14243/63161