Assessing Quality of Policy Properties in Verification of Access Control Policies

Evan Martin, JeeHyun Hwang, Tao Xie, Vincent Hu
2008 2008 Annual Computer Security Applications Conference (ACSAC)  
Access control policies are often specified in declarative languages. In this paper, we propose a novel approach, called mutation verification, to assess the quality of properties specified for a policy and, in doing so, the quality of the verification itself. In our approach, given a policy and a set of properties, we first mutate the policy to generate various mutant policies, each with a single seeded fault. We then verify whether the properties hold for each mutant policy. If the properties
more » ... still hold for a given mutant policy, then the quality of these properties is determined to be insufficient in guarding against the seeded fault, indicating that more properties are needed to augment the existing set of properties to provide higher confidence of the policy correctness. We have implemented Mutaver, a mutation verification tool for XACML, and applied it to policies and properties from a real-world software system.
doi:10.1109/acsac.2008.48 dblp:conf/acsac/MartinHXH08 fatcat:dippufpynzcgxkyaf6ann4o6pq