A Security Function Test Suite Generation Method Based on Security Policy Model

The third-party independent security function testing is one essential step of the security evaluation of security products. Generally the test case generation of independence testing is based on the product specification. However, in the independence testing of security products such as the secure database management system (SDBMS)，the product must satisfy the requirement of the security policies in addition to the requirement of the product specification, which describes the objects and the measurement of the protection. Since the behaviors of security products are more precisely described in the security models instead of the specifications, the authors provide a test case generation method based on the formal security policy model. The method include the generation of the test specification based on the formal security policy model, the test space partitioning based on both the grammar and rules; partitioning rule based on the type and the combination principles. The method is more likely to find the fault and error in the product than in manual testing, and it helps the automation of testing and improves the efficiency.