On-line tracing of XACML-based policy coverage criteria
Francesca Lonetti, Eda Marchetti

TL;DR
This paper introduces new coverage criteria for testing XACML access control policies and presents an infrastructure for on-line tracing and assessment of testing strategies.
Contribution
It proposes a set of XACML coverage criteria and an access control infrastructure for on-line policy testing and coverage assessment.
Findings
Effective coverage criteria for XACML policies
An infrastructure enabling on-line tracing of testing activities
Assessment of different test strategies using the proposed framework
Abstract
Currently, eXtensible Access Control Markup Language (XACML) has become the standard for implementing access control policies, and consequently more attention is dedicated to testing the correctness of XACML policies. In particular, coverage measures can be adopted for assessing test strategy effectiveness in exercising the policy elements. This study introduces a set of XACML coverage criteria and describes the access control infrastructure, based on a monitor engine, enabling the coverage criterion selection and the on-line tracing of the testing activity. Examples of infrastructure usage and of assessment of different test strategies are provided.
