Testing Implementations Of Access Control Systems

Testing Implementations Of Access Control Systems (New Proposal). Ammar Masood (Graduate Student), Arif Ghafoor (ECE) and Aditya Mathur (CS), Purdue University, West Lafayette. SERC Showcase, June 7-8, 2006, Motorola Labs, Schaumburg, IL.


Testing Implementations Of Access Control Systems (New Proposal)

Ammar Masood: Graduate Student

Arif Ghafoor (ECE) and Aditya Mathur (CS)

Purdue University, West Lafayette

SERC Showcase, June 7-8, 2006

Motorola Labs, Schaumburg, IL


Research Objectives

  • To develop, experiment with and study the effectiveness of techniques for the generation of tests to validate conformance of implementations of access control policies (in particular Role Based Access Control [RBAC] with or without temporal constraints)


Related Work

  • R. Chandramouli and M. Blackburn. Automated Testing of Security Functions using a combined Model & Interface driven Approach. Proc. 37th Hawaii International Conference on System Sciences, pp. 299-308, 2004.

  • J. Springintveld, F. Vaandrager and P.R. D'Argenio. Testing timed automata. Theoretical Computer Science, 254(1-2), pp. 225-257, 2001.

  • A. En-Nouaary, R. Dssouli and F. Khendek. Timed Wp method: testing real time systems. IEEE Transactions on Software Engineering, 28(11), pp. 1023-1038, 2002.

  • K.G. Larsen, M. Mikucionis and B. Nielsen. Online Testing of Real-time Systems Using UPPAAL. Formal Approaches to Testing of Software. Linz, Austria. September 21, 2004.



Proposed Test Infrastructure

[Figure: block diagram with the components Access Control policy, Modeling plugin, Policy model, Policy (internal representation), Policy verifier plugin, Test generator plugin, Policy tests, Test harness, and IUT.]


Challenges

  • Modeling:

    • Naïve FSM or timed automata models are prohibitively large even for policies with 10 users and 5 roles (and 3 clocks).

    • How to reduce model size and the tests generated?

  • Test generation:

    • How to generate tests that detect (ideally) all faults that might lead to a violation of the policy?

  • Test execution:

    • Distributed policy enforcement?


Proposed Approach

  • Express behavior implied by a policy as an FSM.

  • Apply heuristics to scale down the model.

  • Use the W-method, or its variant, to generate tests from the scaled-down model.

  • Generate additional tests using a combination of stress and random testing aimed at faults that might go undetected due to scaling.



Sample Model

[Figure: state diagram of the sample model. States: 0000, 1000, 0010, 1100, 1010, 0011, 1110, 1011. Transition labels: AS11, AS21, DS11, DS21, AC11, AC21, DC11, DC21.]

Two users, one role. Only one user can activate the role.

Number of states ≤ 32.

AS: assign. DS: De-assign. AC: activate. DC: deactivate.

Xij: do X for user i role j.
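As an added illustration (not code from the presentation), the sketch below builds the complete FSM for the sample model and derives a W-method test set from it, as the Proposed Approach slide describes. The grant/deny outputs, the reading of the 4-bit state labels as (assigned, active) per user, the rule that de-assignment also deactivates, and all function names are assumptions.

```python
from itertools import combinations, product

INIT = ((0, 0), (0, 0))   # (assigned, active) per user; encoding assumed from the 4-bit labels
INPUTS = [f"{op}{u}1" for u in (1, 2) for op in ("AS", "DS", "AC", "DC")]

def step(state, inp, max_active=1):
    """Apply one request to the policy FSM; return (next_state, 'grant' | 'deny')."""
    op, i = inp[:2], int(inp[2]) - 1
    assigned, active = state[i]
    free = sum(a for _, a in state) < max_active      # activation cardinality constraint
    ok, new = {"AS": (not assigned, (1, 0)), "DS": (assigned, (0, 0)),  # DS deactivates (assumed)
               "AC": (assigned and not active and free, (1, 1)), "DC": (active, (1, 0))}[op]
    return (state[:i] + (new,) + state[i + 1:], "grant") if ok else (state, "deny")

def run(step_fn, seq, state=INIT):
    out = []
    for inp in seq:
        state, o = step_fn(state, inp)
        out.append(o)
    return tuple(out)

def state_cover():   # BFS: shortest input sequence reaching each reachable state
    cover, queue = {INIT: ()}, [INIT]
    for s in queue:                                   # queue grows while we iterate
        for x in INPUTS:
            t = step(s, x)[0]
            if t not in cover:
                cover[t] = cover[s] + (x,)
                queue.append(t)
    return cover

def characterization_set(states):
    """W: input sequences whose outputs tell every pair of reachable states apart."""
    W = set()
    for s, t in combinations(states, 2):
        if all(run(step, w, s) == run(step, w, t) for w in W):   # pair not yet separated
            W.add(next(w for k in range(1, len(states)) for w in product(INPUTS, repeat=k)
                       if run(step, w, s) != run(step, w, t)))
    return W

def w_method():
    """Test set P.W: transition cover P followed by W (IUT assumed to have no extra states)."""
    Q = state_cover()
    P = set(Q.values()) | {q + (x,) for q in Q.values() for x in INPUTS}
    W = characterization_set(list(Q))
    return Q, W, sorted({p + w for p in P for w in W})

def failing_tests(tests, iut_step=lambda s, x: step(s, x, max_active=2)):
    return [t for t in tests if run(iut_step, t) != run(step, t)]
```

Called with its default argument, `failing_tests(tests)` runs the suite against a constructed IUT that does not enforce the one-active-user constraint and returns the tests that expose it.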


Heuristics

H1: Separate assignment and activation

H2: Use FSM for activation and single test sequence for assignment

H3: Use single test sequence for assignment and activation

H4: Use a separate FSM for each user

H5: Use a separate FSM for each role

H6: Create user groups for FSM modeling.



Reduced Models

[Figure: reduced state diagrams. Heuristic 1: Assignment Machine and Activation Machine. Heuristic 4: User u1 Machine and User u2 Machine. States are labelled 00, 10, 01, 11; transitions are labelled AS11, AS21, DS11, DS21, AC11, AC21, DC11, DC21.]


Tests Generated


Fault Model


Claim

The proposed method for generating the complete behavior model and tests guarantees a test set that detects all faults in the IUT that correspond to the proposed fault model when the number of states in the IUT is correctly estimated.


Future Research

  • Modeling:

    • Handling timing constraints? (timed automata, fault model, heuristics)

  • Experimentation:

    • With large/realistic policies to assess the efficiency and effectiveness of the test generation methods.

  • Prototype tool development


Schedule

  • Month 1: Extend the un-timed Fault Model for temporal RBAC

  • Months 2-4: Study applicability/extensions in existing timed automata test generation techniques for complete fault coverage with respect to the timed fault model

  • Months 5-8: Develop techniques to reduce the cost of testing (Number of test cases)

  • Months 9-11: Perform a case study to verify the efficacy of the finally proposed approach.

  • Month 12: Final report.


Deliverables

  • A methodology for testing access control implementations that employ temporal constraints.

  • Evaluation of the methodology through a case study.

  • A set of recommendations on the implementation of the methodology as an integral part of the software development lifecycle.


Budget: Year 1

  • Salaries (faculty + graduate student): $30,000

  • Travel: $8,000

  • Miscellaneous: $2,000

  • Indirect costs: $10,000

  • Total: $50,000



Sequential Steps to a Verified Implementation

[Figure: flow diagram. Access Control Policy Specifications, Specification verification (Step 1), Consistent Specifications, Policy Implementation (Step 2), Access Control System Implementation, Security Testing (Step 3), Security Verified Implementation.]
