Daoudagh S., Lonetti F., Marchetti E.
Access Control Systems Testing Web Service
In distributed environments, information security is a key factor and access control is an important means to guarantee confidentiality of sensitive and valuable data. In this paper, we introduce a new decentralized framework for testing of XACML-based access control engines. The proposed framework is composed of different web services and provides the following functionalities: I) generation of test cases based on combinatorial testing strategies; ii) decentralized oracle that associates the expected result to a given test case, i.e. an XACML request; and finally, iii) a GUI for interacting with the framework and providing some analysis about the expected results. A first validation confirms the efficiency of the proposed approach.
Source: ICISSP 2019 - 5th International Conference on Information Systems Security and Privacy, pp. 126–135, Prague, Czech Republic, 23-25 February 2019
@inproceedings{oai:it.cnr:prodotti:415735, title = {A decentralized solution for combinatorial testing of access control engine}, author = {Daoudagh S. and Lonetti F. and Marchetti E.}, doi = {10.5220/0007379401260135}, booktitle = {ICISSP 2019 - 5th International Conference on Information Systems Security and Privacy, pp. 126–135, Prague, Czech Republic, 23-25 February 2019}, year = {2019} }