Testing Security Rules with Decomposable Activities

H
HASE
2007
10th IEEE High Assurance Systems Engineering Symposium (HASE'07)
Abstract - Testing Security Rules with Decomposable Activities

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Wissam Mallouli Articles by Ana Cavalli

10th IEEE High Assurance Systems Engineering Symposium (HASE'07)

Dallas, Texas, USA

November 14-November 16

ISBN: 0-7695-3043-5

	ASCII Text	x
	Wissam Mallouli, Ana Cavalli, "Testing Security Rules with Decomposable Activities," High-Assurance Systems Engineering, IEEE International Symposium on, pp. 149-155, 10th IEEE High Assurance Systems Engineering Symposium (HASE'07), 2007.

	BibTex	x
	@article{ 10.1109/HASE.2007.41, author = {Wissam Mallouli and Ana Cavalli}, title = {Testing Security Rules with Decomposable Activities}, journal ={High-Assurance Systems Engineering, IEEE International Symposium on}, volume = {0}, year = {2007}, issn = {1530-2059}, pages = {149-155}, doi = {http://doi.ieeecomputersociety.org/10.1109/HASE.2007.41}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - High-Assurance Systems Engineering, IEEE International Symposium on TI - Testing Security Rules with Decomposable Activities SN - 1530-2059 SP149 EP155 A1 - Wissam Mallouli, A1 - Ana Cavalli, PY - 2007 KW - Security Policy KW - Extended Finite State Machine KW - SDL KW - Verification and Testing KW - Test Generation. VL - 0 JA - High-Assurance Systems Engineering, IEEE International Symposium on ER -

Wissam Mallouli

Ana Cavalli

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HASE.2007.41

Checking that a security policy has been correctly deployed over a network is a key issue for system administrators. Specification and testing of such policies constitute fundamental steps in the development of a secure system. To address both challenges, we propose a framework to describe how modalities such as permissions, prohibitions and obligations -involving decomposable activities- can be integrated in a functional EFSM specification of a system to obtain a new specification of the system that takes into account the security policy. Then, we propose a method to automatically derive test sequences to test the implementation, using a dedicated tool developed in our laboratory. Finally, we apply our framework to a Weblog system case study to demonstrate its reliability.

Index Terms:

Security Policy, Extended Finite State Machine, SDL, Verification and Testing, Test Generation.

Citation:

Wissam Mallouli, Ana Cavalli, "Testing Security Rules with Decomposable Activities," hase, pp.149-155, 10th IEEE High Assurance Systems Engineering Symposium (HASE'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.