On-line tracing of XACML-based policy coverage criteria
Abstract
Currently, eXtensible Access Control Markup Language (XACML) has becoming the standard for implementing access control policies and consequently more attention is dedicated to testing the correctness of XACML policies. In particular, coverage measures can be adopted for assessing test strategy effectiveness in exercising the policy elements. This study introduces a set of XACML coverage criteria and describes the access control infrastructure, based on a monitor engine, enabling the coverage criterion selection and the on-line tracing of the testing activity. Examples of infrastructure usage and of assessment of different test strategies are provided.
- Publication:
-
arXiv e-prints
- Pub Date:
- September 2018
- DOI:
- 10.48550/arXiv.1809.02712
- arXiv:
- arXiv:1809.02712
- Bibcode:
- 2018arXiv180902712L
- Keywords:
-
- Computer Science - Software Engineering
- E-Print:
- 9 pages, IET Software, available online http://digital-library.theiet.org/content/journals/10.1049/iet-sen.2017.0351