A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2010; you can also visit the original URL.
The file type is application/pdf
.
Assessing Quality of Policy Properties in Verification of Access Control Policies
2008
2008 Annual Computer Security Applications Conference (ACSAC)
Access control policies are often specified in declarative languages. In this paper, we propose a novel approach, called mutation verification, to assess the quality of properties specified for a policy and, in doing so, the quality of the verification itself. In our approach, given a policy and a set of properties, we first mutate the policy to generate various mutant policies, each with a single seeded fault. We then verify whether the properties hold for each mutant policy. If the properties
doi:10.1109/acsac.2008.48
dblp:conf/acsac/MartinHXH08
fatcat:dippufpynzcgxkyaf6ann4o6pq