TY - GEN
T1 - Security policy testing via automated program code generation
AU - Yu, Ting
AU - Sivasubramanian, Dhivya
AU - Xie, Tao
PY - 2009
Y1 - 2009
N2 - In this paper, we have presented a new general framework for policy esting via automated program code generation. This framework allows to easily reuse existing software testing techniques and tools to ensure the correctness of security policies. We have demonstrated the effectiveness of the proposed approach by empirically comparing it with an existing policy testing tool specifically designed for XACML. In future work, we plan to further evaluate the effectiveness of our approach by applying it to other policy languages such as Ponder [2]. We also plan to adapt our approach to handel stateful policies such as those for managing roles in RBAC and stateful firewall policies.
AB - In this paper, we have presented a new general framework for policy esting via automated program code generation. This framework allows to easily reuse existing software testing techniques and tools to ensure the correctness of security policies. We have demonstrated the effectiveness of the proposed approach by empirically comparing it with an existing policy testing tool specifically designed for XACML. In future work, we plan to further evaluate the effectiveness of our approach by applying it to other policy languages such as Ponder [2]. We also plan to adapt our approach to handel stateful policies such as those for managing roles in RBAC and stateful firewall policies.
UR - http://www.scopus.com/inward/record.url?scp=70350692141&partnerID=8YFLogxK
U2 - 10.1145/1558607.1558623
DO - 10.1145/1558607.1558623
M3 - Conference contribution
AN - SCOPUS:70350692141
SN - 9781605585185
T3 - ACM International Conference Proceeding Series
BT - CSIIRW09
T2 - CSIIRW 2009: 5th Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies
Y2 - 13 April 2009 through 15 April 2009
ER -