Security policy testing via automated program code generation

Ting Yu; Dhivya Sivasubramanian; Tao Xie

doi:10.1145/1558607.1558623

Security policy testing via automated program code generation

Ting Yu, Dhivya Sivasubramanian, Tao Xie

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In this paper, we have presented a new general framework for policy esting via automated program code generation. This framework allows to easily reuse existing software testing techniques and tools to ensure the correctness of security policies. We have demonstrated the effectiveness of the proposed approach by empirically comparing it with an existing policy testing tool specifically designed for XACML. In future work, we plan to further evaluate the effectiveness of our approach by applying it to other policy languages such as Ponder [2]. We also plan to adapt our approach to handel stateful policies such as those for managing roles in RBAC and stateful firewall policies.

Original language	English (US)
Title of host publication	CSIIRW09
Subtitle of host publication	Fifth Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies
DOIs	https://doi.org/10.1145/1558607.1558623
State	Published - 2009
Externally published	Yes
Event	CSIIRW 2009: 5th Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies - Oak Ridge, TN, United States Duration: Apr 13 2009 → Apr 15 2009

Publication series

Name	ACM International Conference Proceeding Series

Other

Other	CSIIRW 2009: 5th Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies
Country/Territory	United States
City	Oak Ridge, TN
Period	4/13/09 → 4/15/09

ASJC Scopus subject areas

Software
Human-Computer Interaction
Computer Vision and Pattern Recognition
Computer Networks and Communications

Online availability

10.1145/1558607.1558623

Library availability

Discover UIUC Full Text

Cite this

Security policy testing via automated program code generation. / Yu, Ting; Sivasubramanian, Dhivya; Xie, Tao.
CSIIRW09: Fifth Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies. 2009. 13 (ACM International Conference Proceeding Series).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Yu, T, Sivasubramanian, D & Xie, T 2009, Security policy testing via automated program code generation. in CSIIRW09: Fifth Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies., 13, ACM International Conference Proceeding Series, CSIIRW 2009: 5th Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies, Oak Ridge, TN, United States, 4/13/09. https://doi.org/10.1145/1558607.1558623

@inproceedings{bb2c4909f92448b2a2d5f3ead55338a2,

title = "Security policy testing via automated program code generation",

abstract = "In this paper, we have presented a new general framework for policy esting via automated program code generation. This framework allows to easily reuse existing software testing techniques and tools to ensure the correctness of security policies. We have demonstrated the effectiveness of the proposed approach by empirically comparing it with an existing policy testing tool specifically designed for XACML. In future work, we plan to further evaluate the effectiveness of our approach by applying it to other policy languages such as Ponder [2]. We also plan to adapt our approach to handel stateful policies such as those for managing roles in RBAC and stateful firewall policies.",

author = "Ting Yu and Dhivya Sivasubramanian and Tao Xie",

year = "2009",

doi = "10.1145/1558607.1558623",

language = "English (US)",

isbn = "9781605585185",

series = "ACM International Conference Proceeding Series",

booktitle = "CSIIRW09",

note = "CSIIRW 2009: 5th Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies ; Conference date: 13-04-2009 Through 15-04-2009",

}

TY - GEN

T1 - Security policy testing via automated program code generation

AU - Yu, Ting

AU - Sivasubramanian, Dhivya

AU - Xie, Tao

PY - 2009

Y1 - 2009

N2 - In this paper, we have presented a new general framework for policy esting via automated program code generation. This framework allows to easily reuse existing software testing techniques and tools to ensure the correctness of security policies. We have demonstrated the effectiveness of the proposed approach by empirically comparing it with an existing policy testing tool specifically designed for XACML. In future work, we plan to further evaluate the effectiveness of our approach by applying it to other policy languages such as Ponder [2]. We also plan to adapt our approach to handel stateful policies such as those for managing roles in RBAC and stateful firewall policies.

AB - In this paper, we have presented a new general framework for policy esting via automated program code generation. This framework allows to easily reuse existing software testing techniques and tools to ensure the correctness of security policies. We have demonstrated the effectiveness of the proposed approach by empirically comparing it with an existing policy testing tool specifically designed for XACML. In future work, we plan to further evaluate the effectiveness of our approach by applying it to other policy languages such as Ponder [2]. We also plan to adapt our approach to handel stateful policies such as those for managing roles in RBAC and stateful firewall policies.

UR - http://www.scopus.com/inward/record.url?scp=70350692141&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70350692141&partnerID=8YFLogxK

U2 - 10.1145/1558607.1558623

DO - 10.1145/1558607.1558623

M3 - Conference contribution

AN - SCOPUS:70350692141

SN - 9781605585185

T3 - ACM International Conference Proceeding Series

BT - CSIIRW09

T2 - CSIIRW 2009: 5th Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies

Y2 - 13 April 2009 through 15 April 2009

ER -

Security policy testing via automated program code generation

Abstract

Publication series

Other

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this