@inproceedings{a538c98e610247bd92fa74254117f6fd,
title = "Enabling Verification and conformance testing for access control model",
abstract = "Verification and testing are the important step for software assurance. However, such crucial and yet challenging tasks have not been widely adopted in building access control systems. In this paper we propose a methodology to support automatic analysis and conformance testing for access control systems, integrating those features to Assurance Management Framework (AMF). Our methodology attempts to verify formal specifications of a role-based access control model and corresponding policies with selected security properties. Also, we systematically articulate testing cases from formal specifications and validate conformance to the system design and implementation using those cases. In addition, we demonstrate feasibility and effectiveness of our methodology using SAT and Alloy toolset.",
keywords = "Access control, Alloy, Model-based testing, Model-based verification, Sat solver",
author = "Hongxin Hu and Ahn, {Gail Joon}",
year = "2008",
doi = "10.1145/1377836.1377867",
language = "English (US)",
isbn = "9781605581293",
series = "Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT",
pages = "195--204",
booktitle = "SACMAT'08 - Proceedings of the 13th ACM Symposium on Access Control Models and Technologies",
note = "13th ACM Symposium on Access Control Models and Technologies, SACMAT'08 ; Conference date: 11-06-2008 Through 13-06-2008",
}