Testing Security Policies: Going Beyond Functional Testing
- 1 November 2007
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
While important efforts are dedicated to system functional testing, very few works study how to test specifically security mechanisms, implementing a security policy. This paper introduces security policy testing as a specific target for testing. We propose two strategies for producing security policy test cases, depending if they are built in complement of existing functional test cases or independently from them. Indeed, any security policy is strongly connected to system functionality: testing functions includes exercising many security mechanisms. However, testing functionality does not intend at putting to the test security aspects. We thus propose test selection criteria to produce tests from a security policy. To quantify the effectiveness of a set of test cases to detect security policy flaws, we adapt mutation analysis and define security policy mutation operators. A library case study, a 3-tiers architecture, is used to obtain experimental trends. Results confirm that security must become a specific target of testing to reach a satisfying level of confidence in security mechanisms.Keywords
This publication has 4 references indexed in Scilit:
- A fault model and mutation testing of access control policiesPublished by Association for Computing Machinery (ACM) ,2007
- Automatic test generation: a use case driven approachIEEE Transactions on Software Engineering, 2006
- Elaborating security requirements by construction of intentional anti-modelsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2004
- An automated approach for identifying potential vulnerabilities in softwarePublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002