Skip to Main content Skip to Navigation
Conference papers

Automatic Testing of Access Control for Security Properties

Abstract : In this work, we investigate the combination of controller synthesis and test generation techniques for the testing of open, partially observable systems with respect to security policies. We consider two kinds of properties: integrity properties and confidentiality properties. We assume that the behavior of the system is modeled by a labeled transition system and assume the existence of a black-box implementation. We first outline a method allowing to automatically compute an ideal access control ensuring these two kinds of properties. Then, we show how to derive testers that test the conformance of the implementation with respect to its specification, the correctness of the real access control that has been composed with the implementation in order to ensure a security property, and the security property itself.
Document type :
Conference papers
Complete list of metadata

Cited literature [15 references]  Display  Hide  Download

https://hal.inria.fr/inria-00420424
Contributor : Hervé Marchand <>
Submitted on : Friday, April 23, 2010 - 1:55:22 PM
Last modification on : Wednesday, April 11, 2018 - 1:52:07 AM
Long-term archiving on: : Friday, October 19, 2012 - 1:36:31 PM

File

testcom-paper-13.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Hervé Marchand, Jérémy Dubreil, Thierry Jéron. Automatic Testing of Access Control for Security Properties. TESTCOM/FATES 2009, Nov 2009, Eindhoven, Netherlands. pp.113-128, ⟨10.1007/978-3-642-05031-2⟩. ⟨inria-00420424⟩

Share

Metrics

Record views

212

Files downloads

259