Daoudagh S, Lonetti F, Marchetti E
Access Control Access Control Systems Testing Web Service
In distributed environments, information security is a key factor and access control is an important means to guarantee confidentiality of sensitive and valuable data. In this paper, we introduce a new decentralized framework for testing of XACML-based access control engines. The proposed framework is composed of different web services and provides the following functionalities: I) generation of test cases based on combinatorial testing strategies; ii) decentralized oracle that associates the expected result to a given test case, i.e. an XACML request; and finally, iii) a GUI for interacting with the framework and providing some analysis about the expected results. A first validation confirms the efficiency of the proposed approach.
@inproceedings{oai:it.cnr:prodotti:415735, title = {A decentralized solution for combinatorial testing of access control engine}, author = {Daoudagh S and Lonetti F and Marchetti E}, doi = {10.5220/0007379401260135}, year = {2019} }