Scalable and effective test generation for access control systems

Ammar Masood, Purdue University


Access control is essential for safe and secure access to software and hardware resources. Operating systems, database systems, and other applications employ policies to constrain access to application functionality, file systems, and data. Often these policies are implemented in software that serves as a front-end guard to the protected resources or is interwoven with the application. It is important that the access control software is correct in that it faithfully implements the policy it is intended to implement; hence testing of access control systems becomes critical. The challenge is in devising testing techniques that are scalable and effective in detecting the faults that can occur in an access control system.

In this thesis, we address the problem of generating tests for access control systems. As a solution we first evaluated automata-theoretic procedures for test generation using fault models specific to implementations of Role Based Access Control (RBAC) and temporal RBAC (TRBAC) systems. This evaluation led to improved and scalable methods for test generation. In particular, the proposed procedures are associated with varying cost and effectiveness for conformance testing of RBAC and TRBAC systems. A probabilistic model for fault coverage is proposed, and the fault detection effectiveness of the proposed test generation techniques is formally analyzed for a variety of fault distributions. The cost and effectiveness of the proposed procedures in functional testing were evaluated using a case study based on an implementation of RBAC. The proposed test generation procedures provide cost-efficient solutions with varying levels of fault coverage for conformance testing and thus address the functional correctness requirements of RBAC and TRBAC systems.




Arif Ghafoor, Purdue University, Aditya Mathur, Purdue University.

Subject Area

Engineering, Electronics and Electrical|Computer Science
