Access control policy coverage assessment through monitoring
Calabrò A., Lonetti F., Marchetti E.
Access control coverage assessment monitoring
Testing access control policies relies on their execution on a security engine and the evaluation of the correct responses. Coverage measures can be adopted to know which parts of the policy are most exercised. This paper proposes an access control infrastructure for enabling the coverage criterion selection, the monitoring of the policy execution and the analysis of the policy coverage assessment. The framework is independent from the policy specification language and does not require the instrumentation of the evaluation engine. We show an instantiation of the proposed infrastructure for assessing the XACML policy testing.
Source: International Conference on Computer Safety, Reliability, and Security SAFECOMP 2017, pp. 373–383, Trento, Italy, 12/9/2017
Metrics
Back to previous page
@inproceedings{oai:it.cnr:prodotti:384813,
title = {Access control policy coverage assessment through monitoring},
author = {Calabrò A. and Lonetti F. and Marchetti E.},
doi = {10.1007/978-3-319-66284-8_31},
booktitle = {International Conference on Computer Safety, Reliability, and Security SAFECOMP 2017, pp. 373–383, Trento, Italy, 12/9/2017},
year = {2017}
}
0000-0001-5502-303X