Security policy testing via automated program code generation

Ting Yu, Dhivya Sivasubramanian, Tao Xie

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

In this paper, we have presented a new general framework for policy testing via automated program code generation. This framework allows existing software testing techniques and tools to be easily reused to ensure the correctness of security policies. We have demonstrated the effectiveness of the proposed approach by empirically comparing it with an existing policy testing tool specifically designed for XACML. In future work, we plan to further evaluate the effectiveness of our approach by applying it to other policy languages such as Ponder [2]. We also plan to adapt our approach to handle stateful policies such as those for managing roles in RBAC and stateful firewall policies.

Original language: English
Title of host publication: ACM International Conference Proceeding Series
Publication status: Published - 9 Nov 2009
Externally published: Yes
Event: CSIIRW 2009: 5th Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies - Oak Ridge, TN, United States
Duration: 13 Apr 2009 to 15 Apr 2009

Other

Other: CSIIRW 2009: 5th Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies
Country: United States
City: Oak Ridge, TN
Period: 13/4/09 to 15/4/09

Fingerprint

Software testing
Testing
Code generation

ASJC Scopus subject areas

  • Human-Computer Interaction

Cite this

Yu, T., Sivasubramanian, D., & Xie, T. (2009). Security policy testing via automated program code generation. In ACM International Conference Proceeding Series [13] https://doi.org/10.1145/1558607.1558623

@inproceedings{e51f2f11da6d4c2891647c824ede7978,
title = "Security policy testing via automated program code generation",
abstract = "In this paper, we have presented a new general framework for policy testing via automated program code generation. This framework allows existing software testing techniques and tools to be easily reused to ensure the correctness of security policies. We have demonstrated the effectiveness of the proposed approach by empirically comparing it with an existing policy testing tool specifically designed for XACML. In future work, we plan to further evaluate the effectiveness of our approach by applying it to other policy languages such as Ponder [2]. We also plan to adapt our approach to handle stateful policies such as those for managing roles in RBAC and stateful firewall policies.",
author = "Ting Yu and Dhivya Sivasubramanian and Tao Xie",
year = "2009",
month = "11",
day = "9",
doi = "10.1145/1558607.1558623",
language = "English",
isbn = "9781605585185",
booktitle = "ACM International Conference Proceeding Series",

}

TY - GEN

T1 - Security policy testing via automated program code generation

AU - Yu, Ting

AU - Sivasubramanian, Dhivya

AU - Xie, Tao

PY - 2009/11/9

Y1 - 2009/11/9

N2 - In this paper, we have presented a new general framework for policy testing via automated program code generation. This framework allows existing software testing techniques and tools to be easily reused to ensure the correctness of security policies. We have demonstrated the effectiveness of the proposed approach by empirically comparing it with an existing policy testing tool specifically designed for XACML. In future work, we plan to further evaluate the effectiveness of our approach by applying it to other policy languages such as Ponder [2]. We also plan to adapt our approach to handle stateful policies such as those for managing roles in RBAC and stateful firewall policies.

UR - http://www.scopus.com/inward/record.url?scp=70350692141&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70350692141&partnerID=8YFLogxK

U2 - 10.1145/1558607.1558623

DO - 10.1145/1558607.1558623

M3 - Conference contribution

SN - 9781605585185

BT - ACM International Conference Proceeding Series

ER -