The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Conformance Testing of Temporal Role Based Access Control

Download

Download PDF Document
PDF

Author

Ammar Masood, Arif Ghafoor, Aditya Mathur

Tech report number

CERIAS TR 2006-30

Entry type

techreport

Abstract

Access control is a key security service at the foundation of information and system security. It has been extended with temporal constraints to support real-time considerations. Conformance testing of an access control implementation is crucial to ensure that it correctly enforces any required temporal and non-temporal policies for access control. We propose an approach for conformance testing of implementations required to enforce access control policies specified using Temporal Role Based Access Control (TRBAC) model. The proposed approach uses Timed Input Output Automata (TIOA) to model the behavior specified by a TRBAC policy. The TIOA model is then transformed to a deterministic se-FSA model that captures any temporal constraint by using two special events Set and Exp. Finally we adapt the W-method and use an integer programming based approach to construct a conformance test suite from the transformed model. The conformance test suite so generated provides complete fault coverage with respect to the proposed fault model for TRBAC specifications.

Download

PDF

Institution

Purdue University, West Lafayette IN

Key alpha

masood

Publication Date

2001-01-01

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.