Presentation is loading. Please wait.

Presentation is loading. Please wait.

Testing Implementations of Access Control and Authentication Graduate Students: Ammar Masood, K. Jayaram School of Electrical and Computer Engineering.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Testing Implementations of Access Control and Authentication Graduate Students: Ammar Masood, K. Jayaram School of Electrical and Computer Engineering."— Presentation transcript:

1 Testing Implementations of Access Control and Authentication Graduate Students: Ammar Masood, K. Jayaram School of Electrical and Computer Engineering Department of Computer Science Purdue University Faculty: Arif Ghafoor (ECE), Aditya Mathur (CS) May 10, 2006 Oak Ridge National Lab, Oak Ridge, TN Cyber Security & Information Infrastructure Workshop

2 5/10/06Testing Access Control and Authentication2 Research Objective To develop and experiment with novel techniques for the generation of tests to test implementations of access control policies and authentication protocols.

3 5/10/06Testing Access Control and Authentication3 Target security mechanisms Role based access control (RBAC) with or without temporal constraints. Authentication protocols (e.g. TLS)

4 5/10/06Testing Access Control and Authentication4 Proposed Test Infrastructure (Access control) Access Control policy Policy verifier plugin Policy (internal representation) Policy model Policy tests Modeling plugin Test generator plugin Test harness IUT

5 5/10/06Testing Access Control and Authentication5 Challenges Modeling: Naïve FSM or timed automata models are prohibitively large even for policies with 10 users and 5 roles (and 3 clocks). How to reduce model size and the tests generated? Test generation: How to generate tests to detect (ideally) all policy violation faults that might lead to violation of the policy? Test execution: Distributed policy enforcement?

6 5/10/06Testing Access Control and Authentication6 Proposed Approach Express behavior implied by a policy as an FSM. Apply heuristics to scale down the model. Use the W- method, or its variant, to generate tests from the scaled down model. Generate additional tests using a combination of stress and random testing aimed at faults that might go undetected due to scaling.

7 5/10/06Testing Access Control and Authentication7 Sample model Two users, one role. Only one user can activate the role. Number of states≤3 2. AS: assign. DS: De-assign. AC: activate. DC: deactivate. X ij : do X for user i role j.

8 5/10/06Testing Access Control and Authentication8 Heuristics H1: Separate assignment and activation H2: Use FSM for activation and single test sequence for assignment H3: Use single test sequence for assignment and activation H4: Use a separate FSM for each user H5: Use a separate FSM for each role H6: Create user groups for FSM modeling.

9 5/10/06Testing Access Control and Authentication9 Fault model

10 5/10/06Testing Access Control and Authentication10 Tests generated

11 5/10/06Testing Access Control and Authentication11 Concurrency and Cryptographic protocols Cryptographic protocols are highly concurrent because they involve multiple principals (they may be synchronous or asynchronous) Man-in-the–middle attacks exploit concurrency-related aspects. Attackers can read/delete/modify messages between concurrent principals Concurrency is an in-alienable part of every protocol. A test case for testing a cryptographic protocol involves concurrent principals Formal models used to derive tests should therefore support concurrency! --> Statecharts is our choice.

12 5/10/06Testing Access Control and Authentication12 Other aspects of concurrency A server for example, has several sessions of a protocol running concurrently. The protocol implementation should be thread safe. Principals in one concurrent session should not be able to access parameters of a parallel session Protocol implementations may be required to satisfy performance requirements in a multi-session scenario – this is important for performance/stress testing

13 5/10/06Testing Access Control and Authentication13 What is next… Modeling: Handling timing constraints? (timed automata, fault model, heuristics) Handling authentication protocols? (Statecharts, insecure paths, test generation) Dealing with concurrency? Experimentation: With large/realistic policies and commercial authentication protocols to assess the efficiency and effectiveness of the test generation methods. Prototype tool development (Money???)

Download ppt "Testing Implementations of Access Control and Authentication Graduate Students: Ammar Masood, K. Jayaram School of Electrical and Computer Engineering."

Similar presentations

Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.

Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.
Seyedehmehrnaz Mireslami, Mohammad Moshirpour, Behrouz H. Far Department of Electrical and Computer Engineering University of Calgary, Canada {smiresla,

Seyedehmehrnaz Mireslami, Mohammad Moshirpour, Behrouz H. Far Department of Electrical and Computer Engineering University of Calgary, Canada {smiresla,
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Testing Concurrent/Distributed Systems Review of Final CEN 5076 Class 14 – 12/05.

Testing Concurrent/Distributed Systems Review of Final CEN 5076 Class 14 – 12/05.
1 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 “draft-urien-eap-smartcard-type-00.txt” EAP Smart Card Protocol (EAP-SC)

1 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 “draft-urien-eap-smartcard-type-00.txt” EAP Smart Card Protocol (EAP-SC)
1 On the Limitations of Finite State Models as Sources of Tests for Access Control and Authentication Aditya Mathur Professor of Computer Science Purdue.

1 On the Limitations of Finite State Models as Sources of Tests for Access Control and Authentication Aditya Mathur Professor of Computer Science Purdue.
Deeper Security Analysis of Web-based Identity Federation Apurva Kumar IBM Research – India.

Deeper Security Analysis of Web-based Identity Federation Apurva Kumar IBM Research – India.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.
1 Ivan Lanese Computer Science Department University of Bologna Roberto Bruni Computer Science Department University of Pisa A mobile calculus with parametric.

1 Ivan Lanese Computer Science Department University of Bologna Roberto Bruni Computer Science Department University of Pisa A mobile calculus with parametric.
ECE 667 - Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.

ECE Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.
WPDRTS ’05 1 Workshop on Parallel and Distributed Real-Time Systems 2005 April 4th and 5th, 2005, Denver, Colorado Challenge Problem Session Detection.

WPDRTS ’05 1 Workshop on Parallel and Distributed Real-Time Systems 2005 April 4th and 5th, 2005, Denver, Colorado Challenge Problem Session Detection.
A General approach to MPLS Path Protection using Segments Ashish Gupta Ashish Gupta.

A General approach to MPLS Path Protection using Segments Ashish Gupta Ashish Gupta.
Computer Science 162 Section 1 CS162 Teaching Staff.

Computer Science 162 Section 1 CS162 Teaching Staff.
1 of 20 Octopus: document handling Document handling: three modeling approaches Marc Voorhoeve Venkatesh Kannan TUE.

1 of 20 Octopus: document handling Document handling: three modeling approaches Marc Voorhoeve Venkatesh Kannan TUE.
Software Testing and Reliability Testing Real-Time Systems Aditya P. Mathur Purdue University May 19-23, Corporation Minneapolis/St Paul,

Software Testing and Reliability Testing Real-Time Systems Aditya P. Mathur Purdue University May 19-23, Corporation Minneapolis/St Paul,
1 Scalable and Effective Test Generation for Access Control Systems Ammar Masood School of Electrical & Computer Engineering Purdue University 11 th September,

1 Scalable and Effective Test Generation for Access Control Systems Ammar Masood School of Electrical & Computer Engineering Purdue University 11 th September,
Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.

Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.
Real-Time System Requirements & Design Specs Shaw - Chapters 3 & 4 Homework #2: 3.3.1, 3.4.1, Add Error states to Fig 4.1 Lecture 4/17.

Real-Time System Requirements & Design Specs Shaw - Chapters 3 & 4 Homework #2: 3.3.1, 3.4.1, Add Error states to Fig 4.1 Lecture 4/17.

Similar presentations

Ads by Google