A Security Function Test Suite Generation Method Based on Security Policy Model

Zhang Min, Feng Dengguo, and Chen Chi

Journal of Computer Research and Development > 2009 > 46(10): 1686-1692.

Zhang Min, Feng Dengguo, and Chen Chi. A Security Function Test Suite Generation Method Based on Security Policy Model[J]. Journal of Computer Research and Development, 2009, 46(10): 1686-1692.

Citation:

Zhang Min, Feng Dengguo, and Chen Chi. A Security Function Test Suite Generation Method Based on Security Policy Model[J]. Journal of Computer Research and Development, 2009, 46(10): 1686-1692.

Citation:

Zhang Min, Feng Dengguo, and Chen Chi. A Security Function Test Suite Generation Method Based on Security Policy Model[J]. Journal of Computer Research and Development, 2009, 46(10): 1686-1692.

PDF (906 KB)

A Security Function Test Suite Generation Method Based on Security Policy Model

Zhang Min, Feng Dengguo, and Chen Chi

(State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100190)

More Information

Published Date: October 14, 2009

Graphical Abstract

Abstract

Abstract

The third-party independent security function testing is one essential step of the security evaluation of security products. Generally the test case generation of independence testing is based on the product specification. However, in the independence testing of security products such as the secure database management system (SDBMS)，the product must satisfy the requirement of the security policies in addition to the requirement of the product specification, which describes the objects and the measurement of the protection. Since the behaviors of security products are more precisely described in the security models instead of the specifications, the authors provide a test case generation method based on the formal security policy model. The method include the generation of the test specification based on the formal security policy model, the test space partitioning based on both the grammar and rules; partitioning rule based on the type and the combination principles. The method is more likely to find the fault and error in the product than in manual testing, and it helps the automation of testing and improves the efficiency.
- security policy model,
- security functional test,
- test case generation,
- test automation,
- type-based partition

FullText(HTML)

References (0)

[1]	Huang Shuangqu, Xiang Bo, Bao Dan, Chen Yun, and Zeng Xiaoyang. VLSI Implementation of Multi-Standard LDPC Decoder Based on SIMD Architecture[J]. Journal of Computer Research and Development, 2010, 47(7): 1313-1320.
[2]	Xu Long, Deng Lei, Peng Xiaoming, Ji Xiangyang, Gao Wen. The VLSI Design of AVS Entropy Coder[J]. Journal of Computer Research and Development, 2009, 46(5): 881-888.
[3]	Luo Zuying, Pan Yuedou. Transistor-Level Methodology on Power Optimization for CMOS Circuits[J]. Journal of Computer Research and Development, 2008, 45(4): 734-740.
[4]	Li Qing, Deng Yunsong, Zeng Xiaoyang, and Gu Yehua. VLSI Design and Implementation of a High-Speed Viterbi Decoder[J]. Journal of Computer Research and Development, 2007, 44(12): 2143-2148.
[5]	Wen Dongxin, Yang Xiaozong, and Wang Ling. A High Level Synthesis Scheme and Its Realization for Low Power Design in VLSI[J]. Journal of Computer Research and Development, 2007, 44(7): 1259-1264.
[6]	Zhao Jia, Zeng Xiaoyang, Han Jun, Wang Jing, and Chen Jun. VLSI Implementation of an AES Algorithm Resistant to Differential Power Analysis Attack[J]. Journal of Computer Research and Development, 2007, 44(3).
[7]	Wu Min, Zeng Xiaoyang, Han Jun, Ma Yongxin, Wu Yongyi, and Zhang Guoquan. A Low Cost RSA Chip Design Based on CRT[J]. Journal of Computer Research and Development, 2006, 43(4): 639-645.
[8]	Lan Xuguang, Zheng Nanning, Xue Jianru, Wang Fei, and Liu Yuehu. Low-Power and High-Speed VLSI Architecture Design of 2-D DWT/IDWT[J]. Journal of Computer Research and Development, 2005, 42(11): 1889-1895.
[9]	He Weifeng, Mao Zhigang, Lü Zhiqiang, and Yin Haifeng. VLSI Design for Full-Search Block-Matching Full-Pel Motion Estimation Processor[J]. Journal of Computer Research and Development, 2005, 42(7): 1225-1230.
[10]	Li Tiejun, Shen Chengdong, and Li Sikun. A VLSI Architecture for PMVFAST Block-Based Motion Estimation Algorithm[J]. Journal of Computer Research and Development, 2005, 42(4): 537-543.