A Scenario Driven Approach for Security Policy Testing Based on Model Checking

Author

Chen Yan ; Wu Dan

Author_Institution

Scholl of Mechatronical Eng., Beijing Inst. of Technol., Beijing, China

fYear

2009

fDate

19-20 Dec. 2009

Firstpage

1

Lastpage

4

Abstract

Security policy system is critical to the security sensitive implementation systems. To increase confidence in the correctness of the security policies, policy developers can conduct policy testing to ensure security policies are correctly implemented in these systems. In this paper we present a novel framework for security policy testing. The framework takes the privilege scenario as the source of test cases for security policies. The privilege scenario generation algorithm is presented, on the base of which privilege scenarios can be automatically generated by dint of model checking. Then we describe the method for privilege scenarios transforming into test cases. At last test coverage criteria are given. The framework covers all elements for the scenario based testing and provides a comprehensive solution for the security policy testing.

Keywords

formal verification; security of data; model checking; privilege scenario generation algorithm; security policy system; security policy testing; test coverage criteria; Application software; Automata; Automatic testing; Control systems; Logic testing; National security; Safety; Scalability; Software engineering; System testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Engineering and Computer Science, 2009. ICIECS 2009. International Conference on

Conference_Location

Wuhan

Print_ISBN

978-1-4244-4994-1

Type

conf

DOI

10.1109/ICIECS.2009.5365628

Filename

5365628