2012
Conference article  Restricted

The X-CREATE framework: a comparison of XACML policy testing strategies

Bertolino A., Daoudagh S., Lonetti F., Marchetti E.

Testing strategies  XACML  XACML policies  XACML requests derivation 

The specification of access control policies with the XACML language could be an error prone process, so a testing is usually the solution for increasing the confidence on the policy itself. In this paper, we compare two methodologies for deriving test cases for policy testing, i.e. XACML requests, that are implemented in the X-CREATE tool. We consider a simple combinatorial strategy and a XML-based approach (XPT) which exploit policy values and the XACML Context Schema. A stopping criterion for the test cases generation is also provided and used for the comparison of the strategies in terms of fault detection effectiveness.

Source: 8th International Conference on Web Information Systems and Technologies, pp. 155–160, Porto, Portugal, 18-21 April 2012

Publisher: SciTePress, Lisbona, PRT



Back to previous page

Share

Cite as

BibTeX entry
@inproceedings{oai:it.cnr:prodotti:217394,
	title = {The X-CREATE framework: a comparison of XACML policy testing strategies},
	author = {Bertolino A. and Daoudagh S. and Lonetti F. and Marchetti E.},
	publisher = {SciTePress, Lisbona, PRT},
	booktitle = {8th International Conference on Web Information Systems and Technologies, pp. 155–160, Porto, Portugal, 18-21 April 2012},
	year = {2012}
}

CNR authors and affiliations

Download

CNR ExploRA

Bibliographic record

Also available from

www.nessos-project.euRestricted

Projects (via OpenAIRE)

NESSOS
Network of Excellence on Engineering Secure Future Internet Software Services and Systems


OpenAIRE
Privacy Policy