Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Testing Implementations Of Access Control Systems (New Proposal) Ammar Masood: Graduate Student Arif Ghafoor (ECE) and Aditya Mathur (CS) Purdue University,

Published byToby Farmer Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Testing Implementations Of Access Control Systems (New Proposal) Ammar Masood: Graduate Student Arif Ghafoor (ECE) and Aditya Mathur (CS) Purdue University,"— Presentation transcript:

1 1 Testing Implementations Of Access Control Systems (New Proposal) Ammar Masood: Graduate Student Arif Ghafoor (ECE) and Aditya Mathur (CS) Purdue University, West Lafayette SERC Showcase, June 7-8, 2006 Motorola Labs, Schaumburg, IL

2 2 Research Objectives To develop, experiment with and study the effectiveness of techniques for the generation of tests to validate conformance of implementations of access control policies (in particular Role Based Access Control [RBAC] with or without temporal constraints)

3 3 Related Work R. Chandramouli. M. Blackburn. Automated Testing of Security Functions using a combined Model & Interface driven Approach. Proc. 37th Hawaii International Conference on System Sciences, pp. 299-308, 2004 J. Springintveld, F. Vaandrager and P.R. D'Argenio. Testing timed automata. Theoretical Computer Science, 254(1-2), pp. 225-257, 2001 A. En-Nouaary, R. Dssouli and F. Khendek. Timed Wp method: testing real time systems. IEEE Transactions on Software Engineering, 28(11), pp. 1023 – 1038, 2002. K.G. Larsen, M. Mikucionis and B. Nielsen. Online Testing of Real-time Systems Using UPPAAL. Formal Approaches to Testing of Software. Linz, Austria. September 21, 2004

4 4 Proposed Test Infrastructure Access Control policy Policy verifier plugin Policy (internal representation) Policy model Policy tests Modeling plugin Test generator plugin Test harness IUT

5 5 Challenges Modeling: Naïve FSM or timed automata models are prohibitively large even for policies with 10 users and 5 roles (and 3 clocks). How to reduce model size and the tests generated? Test generation: How to generate tests to detect (ideally) all policy violation faults that might lead to violation of the policy? Test execution: Distributed policy enforcement?

6 6 Proposed Approach Express behavior implied by a policy as an FSM. Apply heuristics to scale down the model. Use the W- method, or its variant, to generate tests from the scaled down model. Generate additional tests using a combination of stress and random testing aimed at faults that might go undetected due to scaling.

7 7 Sample Model Two users, one role. Only one user can activate the role. Number of states≤3 2. AS 11 0000 10000010 1100 1110 10100011 1011 AS 21 AC 11 AC 21 AS 21 AS 11 AC 21 AC 11 AS 11 DS 11 DS 21 DC 11 DS 21 DC 11 DS 11 DS 21 DS 11 DC 21 DS 21 DS 11 DS 21 AS: assign. DS: De-assign. AC: activate. DC: deactivate. X ij : do X for user i role j.

8 8 Heuristics H1: Separate assignment and activation H2: Use FSM for activation and single test sequence for assignment H3: Use single test sequence for assignment and activation H4: Use a separate FSM for each user H5: Use a separate FSM for each role H6: Create user groups for FSM modeling.

9 9 Reduced Models AS 11 00 10 01 DS 21 DS 11 11 AS 21 DS 11 DS 21 AC 11 00 10 01 AC 21 DC 21 DC 11 AC 21 AC 11 Assignment MachineActivation Machine Heuristic 1 AS 11 00 1011 DS 11 AC 11 DC 11 AC 11 AS 21 00 1011 DS 21 AC 21 DC 21 AC 21 Heuristic 4 User u 1 MachineUser u 2 Machine

10 10 Tests Generated

11 11 Fault Model

12 12 Claim The proposed method for generating the complete behavior model and tests guarantees a test set that detects all faults in the IUT that correspond to the proposed fault model when the number of states in the IUT is correctly estimated.

13 13 Future Research Modeling: Handling timing constraints? (timed automata, fault model, heuristics) Experimentation: With large/realistic policies to assess the efficiency and effectiveness of the test generation methods. Prototype tool development

14 14 Schedule Month 1: Extend the un-timed Fault Model for temporal RBAC Months 2-4: Study applicability/extensions in existing timed automata test generation techniques for complete fault coverage with respect to the timed fault model Months: 5-8: Develop techniques to reduce the cost of testing (Number of test cases) Months 9-11: Perform a case study to verify the efficacy of the finally proposed approach. Month 12: Final report.

15 15 Deliverables A methodology for testing access control implementations that employ temporal constraints. Evaluation of the methodology through a case study. A set of recommendations on the implementation of the methodology as an integral part of the software development lifecycle.

16 16 Budget- Year 1 Salaries (faculty + graduate student): $30,000 Travel: $8,000 Miscellaneous: $2000 Indirect costs: $10,000 Total: $50,000

17 17

18 18 Sequential Steps to a Verified Implementation Step 1 Security Testing Access Control Policy Specifications Specification verification Consistent Specifications Policy Implementation Access Control System Implementation Security Verified Implementation Step 2 Step 3

Download ppt "1 Testing Implementations Of Access Control Systems (New Proposal) Ammar Masood: Graduate Student Arif Ghafoor (ECE) and Aditya Mathur (CS) Purdue University,"

Similar presentations

Verification and Validation

Verification and Validation
Presentation by Prabhjot Singh

Presentation by Prabhjot Singh
Formal Modelling of Reactive Agents as an aggregation of Simple Behaviours P.Kefalas Dept. of Computer Science 13 Tsimiski Str. 546 24 Thessaloniki Greece.

Formal Modelling of Reactive Agents as an aggregation of Simple Behaviours P.Kefalas Dept. of Computer Science 13 Tsimiski Str Thessaloniki Greece.
Formalizing Security Requirements for Grids Syed Naqvi 1,2, Philippe Massonet 1, Alvaro Arenas 2 1 Centre of Excellence in Information and Communication.

Formalizing Security Requirements for Grids Syed Naqvi 1,2, Philippe Massonet 1, Alvaro Arenas 2 1 Centre of Excellence in Information and Communication.
Software Quality Assurance Plan

Software Quality Assurance Plan
CSC 480 Software Engineering

CSC 480 Software Engineering
1 On the Limitations of Finite State Models as Sources of Tests for Access Control and Authentication Aditya Mathur Professor of Computer Science Purdue.

1 On the Limitations of Finite State Models as Sources of Tests for Access Control and Authentication Aditya Mathur Professor of Computer Science Purdue.
Automated Analysis and Code Generation for Domain-Specific Models George Edwards Center for Systems and Software Engineering University of Southern California.

Automated Analysis and Code Generation for Domain-Specific Models George Edwards Center for Systems and Software Engineering University of Southern California.
A GOAL-BASED FRAMEWORK FOR SOFTWARE MEASUREMENT

A GOAL-BASED FRAMEWORK FOR SOFTWARE MEASUREMENT
ECE 667 - Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.

ECE Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.
Chapter 9 & 10 Database Planning, Design and Administration.

Chapter 9 & 10 Database Planning, Design and Administration.
Scheduling with Optimized Communication for Time-Triggered Embedded Systems Slide 1 Scheduling with Optimized Communication for Time-Triggered Embedded.

Scheduling with Optimized Communication for Time-Triggered Embedded Systems Slide 1 Scheduling with Optimized Communication for Time-Triggered Embedded.
Software Testing and Reliability Testing Real-Time Systems Aditya P. Mathur Purdue University May 19-23, Corporation Minneapolis/St Paul,

Software Testing and Reliability Testing Real-Time Systems Aditya P. Mathur Purdue University May 19-23, Corporation Minneapolis/St Paul,
Testing Implementations of Access Control and Authentication Graduate Students: Ammar Masood, K. Jayaram School of Electrical and Computer Engineering.

Testing Implementations of Access Control and Authentication Graduate Students: Ammar Masood, K. Jayaram School of Electrical and Computer Engineering.
1 Scalable and Effective Test Generation for Access Control Systems Ammar Masood School of Electrical & Computer Engineering Purdue University 11 th September,

1 Scalable and Effective Test Generation for Access Control Systems Ammar Masood School of Electrical & Computer Engineering Purdue University 11 th September,
End-to-End Design of Embedded Real-Time Systems Kang G. Shin Real-Time Computing Laboratory EECS Department The University of Michigan Ann Arbor, MI 48019-2122.

End-to-End Design of Embedded Real-Time Systems Kang G. Shin Real-Time Computing Laboratory EECS Department The University of Michigan Ann Arbor, MI
Outline Types of errors Component Testing Testing Strategy

Outline Types of errors Component Testing Testing Strategy
5/24/011 Advanced Tool Integration for Embedded Systems Assurance Insup Lee Department of Computer and Information Science University of Pennsylvania.

5/24/011 Advanced Tool Integration for Embedded Systems Assurance Insup Lee Department of Computer and Information Science University of Pennsylvania.
Software Engineering Tools and Methods Presented by: Mohammad Enamur Rashid(2009-1-96-04) Mohammad Rashim Uddin(2009-1-96-008) Masud Ur Rahman(2009-1-96-009)

Software Engineering Tools and Methods Presented by: Mohammad Enamur Rashid( ) Mohammad Rashim Uddin( ) Masud Ur Rahman( )
Types and Techniques of Software Testing

Types and Techniques of Software Testing

Similar presentations

Ads by Google