Loading in 2 Seconds...
Loading in 2 Seconds...
Scalable and Effective Test Generation for Access Control Systems. Ammar Masood School of Electrical & Computer Engineering Purdue University 11 th September, 2006. Outline. Introduction Problems and Contributions – Part A Details of Proposed Solutions – Part B Conclusion and Future Work.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Ammar Masood
School of Electrical & Computer Engineering
Purdue University
11th September, 2006
1
2
3
*Data as of 8/30/06
4
Access control in organizations is based on “roles that individual users take on as part of the organization”
A role is “is a collection of permissions”
Constraints are applied to all the links
Role Based Access Control (RBAC) and Temporal RBACTRBAC extends RBAC by imposing duration constraints on userrole assignments/activations and permissionrole assignments
7
8
9
10
11
12
13
14
15
16
17
18
19
20
22
23
24
25
26
27
28
DS11
DS21
AS21
AS11
DS21
DS11
1000
0010
DS11
AS21
AC21
AS11
DS21
AC11
DC11
DS21
DC21
DS11
1100
1010
0011
DS21
DS11
AC21
DC21
AC11
DC11
AS21
AS11
1110
1011
Sample FSMTwo users, one role. Only one user can activate the role.
Number of states≤32.
AS: assign. DS: Deassign. AC: activate. DC: deactivate.
Xij: do X for user i role j.
29
H1: Separate assignment and activation
H2: Use FSM for activation and single test sequence for assignment
H3: Use single test sequence for assignment and activation
H4: Use a separate FSM for each user
H5: Use a separate FSM for each role
H6: Create user groups for FSM modeling.
30
00
AS11
AC11
AC21
DS11
DS21
DC11
DC21
DS21
DS11
AC21
AC11
10
10
AS21
01
01
11
AC21
00
AC11
00
AS21
AS11
DS21
DS21
DS11
DS11
AC21
AC11
10
11
10
11
DC21
DC11
Reduced ModelsAssignment Machine
Activation Machine
Heuristic 1
User u1 Machine
User u2 Machine
Heuristic 4
31
32
where
33
34
35
36
37
38
40
43
L0
L0 URassign(u1,r1)=0, URactive(u1,r1)=0
L1 URassign(u1,r1)=1, URactive(u1,r1)=0
L2 URassign(u1,r1)=1, URassign(u1,r1)=1
x1=t1
!DS(u1,r1)
x1=t1
!DS(u1,r1)
?AS(u1,r1,t1)
x1:=0
L1
L2
x2=t2
!DC(u1,r1)
?AC(u1,r1,t2)
x2:=0
TRBAC Modeling45
46
47
Set(x1,4)
?AC(u1,r1,t2)
0
x1
0
0
4
x1
0
0
4
0
0
2
4
2
l1
l0
l0
l1
l0
l2
l0
t1=4 and t2=2


2
0
2


L0
Exp(x1,4),
!DS(u1,r1)
?AS(u1,r1),
Set(x1,4)
x1=t1
!DS(u1,r1)
x1=t1
!DS(u1,r1)
q2
q0
q1
?AS(u1,r1,t1)
x1:=0
?AC(u1,r1),
Set(x2,2)
Exp(x2,2),
!DC(u1,r1)
L1
L2
Exp(x2,2),?AS(u1,r1), Set(x1,4)
x2=t2
!DC(u1,r1)
q3
q4
Exp(x1,4),
!DS(u1,r1)
Exp(x1,4),
!DS(u1,r1)
?AC(u1,r1,t2)
x2:=0
seFSA
q5
Exp(x1,4), Exp (x2,2) !DS(u1,r1)
Exp(x2,2)
q6
seFSA Transformation [Khoumsi]48
49
50
TestController
ClockHandler
Exp(c,k)
Test System
State query
output
input
State info
ACUT
How to Apply a Test Sequence ?51
FM
correlated with
TIOA
FM
correlated with
seFSA
FM
Fault Coverage of CTS52
53
54
56
transfer fault
0000
AS21
AS11
A transfer fault
AS11
DS21
0010
0010
AS11
transfer fault
f1: UR1 fault
UR1 and UR2 faults
ManytoMany Relation between RBAC and FSM faults58
0000
DS11
DS21
t6
t1
AS21
t4
AS11
t7
DS21
t9
DS11
1000
0010
DS11
t2
AS21
AC21
AS11
DS21
t5
AC11
DC11
DS21
DC21
DS11
t10
t8
1100
1010
0011
DS21
DS11
AC21
DC21
AC11
DC11
AS21
AS11
1110
1011
00
00
t4
t6
t1
t3
AS21
AS11
DS21
DS21
DS11
DS11
t7
t9
t2
t5
AC21
AC11
10
11
10
11
t8
DC21
t10
DC11
Fault Coverage of H4 for Boundary Case 1FSM(P)
H4: Mu1 and Mu2
61