Defining and measuring policy coverage in testing access control policies

Evan Martin, Tao Xie, Ting Yu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution


To facilitate managing access control in a system, security officers increasingly write access control policies in specification languages such as XACML, and use a dedicated software component called a Policy Decision Point (PDP). To increase confidence in written policies, certain types of policy testing (often in an ad hoc way) are usually conducted, which probe the PDP with some typical requests and check the PDP’s responses against expected ones. This paper develops a first step toward systematic policy testing by defining and measuring policy coverage when testing policies. We have developed a coverage-measurement tool to measure policy coverage given a set of XACML policies and a set of requests. We have developed a tool for request generation, which randomly generates requests for a given set of policies, and a tool for request reduction, which greedily selects a nearly minimal set of requests for achieving the same coverage as the originally generated requests. To evaluate coverage-based request reduction and its effect on fault detection, we have conducted an experiment with mutation testing on a set of real policies. Our experimental results show that the coverage-based test reduction can substantially reduce the size of generated requests and incur only relatively low loss on fault detection. We also conduct a study on the policy coverage achieved by manually generated requests.

Original language: English (US)
Title of host publication: Information and Communications Security - 8th International Conference, ICICS 2006, Proceedings
Editors: Peng Ning, Sihan Qing, Ninghui Li
Number of pages: 20
ISBN (Print): 9783540494966
State: Published - 2006
Externally published: Yes
Event: 8th International Conference on Information and Communications Security, ICICS 2006 - Raleigh, United States
Duration: Dec 4 2006 → Dec 7 2006

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 4307 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349


Other: 8th International Conference on Information and Communications Security, ICICS 2006
Country/Territory: United States

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)

