Assessing Quality of Policy Properties in Verification of Access Control Policies

Author

Martin, Evan ; Hwang, JeeHyun ; Xie, Tao ; Hu, Vincent

Author_Institution

Google, Inc., Santa Monica, CA

fYear

2008

fDate

8-12 Dec. 2008

Firstpage

163

Lastpage

172

Abstract

Access control policies are often specified in declarative languages. In this paper, we propose a novel approach, called mutation verification, to assess the quality of properties specified for a policy and, in doing so, the quality of the verification itself. In our approach, given a policy and a set of properties, we first mutate the policy to generate various mutant policies, each with a single seeded fault. We then verify whether the properties hold for each mutant policy. If the properties still hold for a given mutant policy, then the quality of these properties is determined to be insufficient in guarding against the seeded fault, indicating that more properties are needed to augment the existing set of properties to provide higher confidence of the policy correctness. We have implemented Mutaver, a mutation verification tool for XACML, and applied it to policies and properties from a real-world software system.

Keywords

XML; authorisation; formal verification; Mutaver; XACML; access control policy; declarative languages; eXtensible Access Control Markup Language; mutant policy; mutation verification; policy correctness; policy property; software system; Access control; Application software; Computer science; Computer security; Failure analysis; Fault detection; Genetic mutations; NIST; Software systems; Testing; Access Control; Verification; XACML;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 2008. ACSAC 2008. Annual

Conference_Location

Anaheim, CA

ISSN

1063-9527

Print_ISBN

978-0-7695-3447-3

Type

conf

DOI

10.1109/ACSAC.2008.48

Filename

4721554