A New Security Testing Method and Its Application to the Secure Xenix Kernel

V.D. Gligor; A. Johri; G.L. Luckenbaugh; C.S. Chandersekaran; null Wen-Der Jiang; L.E. Reich

doi:10.1109/TSE.1987.232890

Publication
1987
Issue No. 2 - February
Abstract - A New Security Testing Method and Its Application to the Secure Xenix Kernel

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by V.D. Gligor Articles by C.S. Chandersekaran Articles by null Wen-Der Jiang Articles by A. Johri Articles by G.L. Luckenbaugh Articles by L.E. Reich

A New Security Testing Method and Its Application to the Secure Xenix Kernel

February 1987 (vol. 13 no. 2)

pp. 169-183

	ASCII Text	x
	V.D. Gligor, C.S. Chandersekaran, null Wen-Der Jiang, A. Johri, G.L. Luckenbaugh, L.E. Reich, "A New Security Testing Method and Its Application to the Secure Xenix Kernel," IEEE Transactions on Software Engineering, vol. 13, no. 2, pp. 169-183, February, 1987.

	BibTex	x
	@article{ 10.1109/TSE.1987.232890, author = {V.D. Gligor and C.S. Chandersekaran and null Wen-Der Jiang and A. Johri and G.L. Luckenbaugh and L.E. Reich}, title = {A New Security Testing Method and Its Application to the Secure Xenix Kernel}, journal ={IEEE Transactions on Software Engineering}, volume = {13}, number = {2}, issn = {0098-5589}, year = {1987}, pages = {169-183}, doi = {http://doi.ieeecomputersociety.org/10.1109/TSE.1987.232890}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - JOUR JO - IEEE Transactions on Software Engineering TI - A New Security Testing Method and Its Application to the Secure Xenix Kernel IS - 2 SN - 0098-5589 SP169 EP183 EPD - 169-183 A1 - V.D. Gligor, A1 - C.S. Chandersekaran, A1 - null Wen-Der Jiang, A1 - A. Johri, A1 - G.L. Luckenbaugh, A1 - L.E. Reich, PY - 1987 KW - security testing KW - Access check graphs KW - control synthesis graphs KW - cyclic dependencies KW - data flow coverage KW - functional testing KW - kernels KW - security model VL - 13 JA - IEEE Transactions on Software Engineering ER -

V.D. Gligor, Department of Electrical Engineering, University of Maryland

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TSE.1987.232890

A new security testing method is proposed that combines the advantages of both traditional "black box" (monolithic functional) testing and "white box" (functional-synthesis-based) testing. The new method allows significant coverage both for security model-based tests and for individual kernel-call tests. It eliminates redundant kernel test cases 1) by using a variant of control synthesis graphs, 2) by analyzing dependencies between descriptive kernel-call specifications, and 3) by exploiting access check separability. A higher degree of test assurance is achieved than that of other security testing methods because the new method helps eliminate cyclic dependencies among test programs for different kernel calls. The application of this method to the testing of the Secure Xenix? kernel is illustrated.

Index Terms:

security testing, Access check graphs, control synthesis graphs, cyclic dependencies, data flow coverage, functional testing, kernels, security model

Citation:

V.D. Gligor, C.S. Chandersekaran, null Wen-Der Jiang, A. Johri, G.L. Luckenbaugh, L.E. Reich, "A New Security Testing Method and Its Application to the Secure Xenix Kernel," IEEE Transactions on Software Engineering, vol. 13, no. 2, pp. 169-183, Feb. 1987, doi:10.1109/TSE.1987.232890

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.