AN AUTOMATIC TEST CASEGENERATOR FOR EVALUATING IMPLEMENTATION OF ACCESS CONTROL POLICIES

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

SAFARZADEH MARZIEH; TAGHIZADEH MAHBOUBEH; Zamani Bahman; TORK LADANI BEHROUZ

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY Year:2017 | Volume:9 | Issue:1 Page(s): 73-91

Download Full-Text

Persian Verion

View:

485

Download:

211

Cites:

Information Journal Paper

Title

AN AUTOMATIC TEST CASEGENERATOR FOR EVALUATING IMPLEMENTATION OF ACCESS CONTROL POLICIES

Author(s)

SAFARZADEH MARZIEH | TAGHIZADEH MAHBOUBEH | Zamani Bahman | TORK LADANI BEHROUZ | Issue Writer Certificate

Keywords

ACCESS CONTROL POLICIESQ2

AUTOMATED TESTINGQ1

MODEL BASED TECHNIQUEQ1

IMPLEMENTATION OF ACCESS CONTROLQ1

XACMLQ1

Abstract

One of the main requirements for providing software security is the enforcement of ACCESS CONTROL POLICIES which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of ACCESS CONTROL POLICIES, it is preferred to use automated methods which are faster and more reliable. Although several researches are conducted for AUTOMATED TESTING of the specification of ACCESS CONTROL POLICIES at the design phase, there is not enough research on testing their implementation. In addition, since access control is amongst non-functional requirements of the system, it is not easy to test them along with other requirements of the system by usual methods. To address this challenge, in this paper, we propose an automated method for testing the IMPLEMENTATION OF ACCESS CONTROL in a system. This method, as a MODEL BASED TECHNIQUE, is able to extract test cases for evaluating the ACCESS CONTROL POLICIES of the system under test. To generate test cases automatically, a combination of behavior model of the system and the specification of ACCESS CONTROL POLICIES are used. The experimental results show that the proposed approach is able to find the failures and cover most of the code that is related to ACCESS CONTROL POLICIES.

Cites

No record.

References

No record.

Cite

APA: Copy

SAFARZADEH, MARZIEH, TAGHIZADEH, MAHBOUBEH, Zamani, Bahman, & TORK LADANI, BEHROUZ. (2017). AN AUTOMATIC TEST CASEGENERATOR FOR EVALUATING IMPLEMENTATION OF ACCESS CONTROL POLICIES. THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 9(1 ), 73-91. SID. https://sid.ir/paper/241787/en

Vancouver: Copy

SAFARZADEH MARZIEH, TAGHIZADEH MAHBOUBEH, Zamani Bahman, TORK LADANI BEHROUZ. AN AUTOMATIC TEST CASEGENERATOR FOR EVALUATING IMPLEMENTATION OF ACCESS CONTROL POLICIES. THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY[Internet]. 2017;9(1 ):73-91. Available from: https://sid.ir/paper/241787/en

IEEE: Copy

MARZIEH SAFARZADEH, MAHBOUBEH TAGHIZADEH, Bahman Zamani, and BEHROUZ TORK LADANI, “AN AUTOMATIC TEST CASEGENERATOR FOR EVALUATING IMPLEMENTATION OF ACCESS CONTROL POLICIES,” THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, vol. 9, no. 1 , pp. 73–91, 2017, [Online]. Available: https://sid.ir/paper/241787/en

Related Journal Papers