by Tejeddine Mouelhi, Franck Fleurey, Benoit Baudry, Yves Le Traon
Abstract:
In this paper we show how DAC and MAC security policies can be specified, implemented and validated through mutation testing using a generic approach. This work is based on a generic security framework originally designed to support RBAC and OrBAC security policies and their implementation in Java applications.
Reference:
Mutating DAC And MAC Security Policies: A Generic Metamodel Based Approach (Tejeddine Mouelhi, Franck Fleurey, Benoit Baudry, Yves Le Traon), In Proceedings of the Modeling Security Workshop at MODELS ’08, 2008.
Bibtex Entry:
@inproceedings{mouelhi08b, Abstract = {In this paper we show how DAC and MAC security policies can be specified, implemented and validated through mutation testing using a generic approach. This work is based on a generic security framework originally designed to support RBAC and OrBAC security policies and their implementation in Java applications.}, keywords = {test, security}, Author = {Mouelhi, Tejeddine and Fleurey, Franck and Baudry, Benoit and Le Traon, Yves}, Booktitle = {Proceedings of the Modeling Security Workshop at MODELS '08}, Title = {Mutating DAC And MAC Security Policies: A Generic Metamodel Based Approach}, x-abbrv = {MDSEC}, X-Country = {FR}, X-International-Audience = {yes}, X-Language = {EN}, X-Proceedings = {yes}, Year = {2008}, url = {http://www.irisa.fr/triskell/publis/2008/mouelhi08b.pdf}}