A model-based approach to automated testing of access control policies

Access control policies in software systems can be implemented incorrectly for various reasons. This paper presents a model-based approach for automated testing of access control implementation. To feed the model-based testing process, test models are constructed by integrating declarative access control rules and contracts (preconditions and post-conditions) of the associated activities. The access control tests are generated from the test models to exercise the interactions of access control activities. Test executability is obtained through a mapping of the modeling elements to implementation constructs. The approach has been implemented in an industry-adopted test automation framework that supports the generation of test code in a variety of languages, such as Java, C, C++, C#, and HTML/Selenium IDE. The full model-based testing process has been applied to two systems implemented in Java. The effectiveness is evaluated in terms of access-control fault detection rate using mutation analysis of access control implementation. The experiments show that the model-based tests killed 99.7% of the mutants and the remaining mutants caused no policy violations.

[1]  Yves Le Traon,et al.  Test-Driven Assessment of Access Control in Legacy Applications , 2008, 2008 1st International Conference on Software Testing, Verification, and Validation.

[2]  Dianxiang Xu,et al.  Automated Security Test Generation with Formal Threat Models , 2012, IEEE Transactions on Dependable and Secure Computing.

[3]  Jan Jürjens Model-based Security Testing Using UMLsec: A Case Study , 2008, Electron. Notes Theor. Comput. Sci..

[4]  Dianxiang Xu,et al.  A Tool for Automated Test Code Generation from High-Level Petri Nets , 2011, Petri Nets.

[5]  Pieter J. Mosterman,et al.  Model-Based Testing for Embedded Systems , 2011, Computational Analysis, Synthesis, & Design Dynamic Systems.

[6]  Alexander Pretschner,et al.  Model Based Testing for Real: The Inhouse Card Case Study , 2001 .

[7]  簡聰富,et al.  物件導向軟體之架構(Object-Oriented Software Construction)探討 , 1989 .

[8]  Keqin Li,et al.  Test Generation from Security Policies Specified in Or-BAC , 2007, 31st Annual International Computer Software and Applications Conference (COMPSAC 2007).

[9]  Arif Ghafoor,et al.  Scalable and Effective Test Generation for Role-Based Access Control Systems , 2009, IEEE Transactions on Software Engineering.

[10]  Tao He,et al.  Applying Software Reliability Models on Security Incidents , 2007, The 18th IEEE International Symposium on Software Reliability (ISSRE '07).

[11]  Arif Ghafoor,et al.  Conformance Testing of Temporal Role-Based Access Control Systems , 2010, IEEE Transactions on Dependable and Secure Computing.

[12]  Hartmann J. Genrich,et al.  Predicate/Transition Nets , 1986, Advances in Petri Nets.

[13]  Yves Le Traon,et al.  A Model-Based Framework for Security Policy Specification, Deployment and Testing , 2008, MoDELS.

[14]  Bertrand Meyer,et al.  Object-Oriented Software Construction, 2nd Edition , 1997 .

[15]  Gail-Joon Ahn,et al.  Enabling verification and conformance testing for access control model , 2008, SACMAT '08.

[16]  Yves Le Traon,et al.  Testing Security Policies: Going Beyond Functional Testing , 2007, The 18th IEEE International Symposium on Software Reliability (ISSRE '07).

[17]  Yves Le Traon,et al.  Model-Based Tests for Access Control Policies , 2008, 2008 1st International Conference on Software Testing, Verification, and Validation.

[18]  Dianxiang Xu,et al.  Threat-driven modeling and verification of secure software using aspect-oriented Petri nets , 2006, IEEE Transactions on Software Engineering.

[19]  Tao Xie,et al.  Defining and Measuring Policy Coverage in Testing Access Control Policies , 2006, ICICS.

[20]  Ana R. Cavalli,et al.  A formal approach for testing security rules , 2007, SACMAT '07.

[21]  Mark Harman,et al.  An Analysis and Survey of the Development of Mutation Testing , 2011, IEEE Transactions on Software Engineering.

[22]  Alexander Pretschner,et al.  One evaluation of model-based testing and its automation , 2005, ICSE.

[23]  Yves Le Traon,et al.  Testing Security Policies: Going Beyond Functional Testing , 2007, The 18th IEEE International Symposium on Software Reliability (ISSRE '07).

[24]  Tao Xie,et al.  A fault model and mutation testing of access control policies , 2007, WWW '07.

[25]  Yves Le Traon,et al.  Transforming and Selecting Functional Test Cases for Security Policy Testing , 2009, 2009 International Conference on Software Testing Verification and Validation.

[26]  Jacques Julliand,et al.  Generating security tests in addition to functional tests , 2008, AST '08.