A Security Function Test Suite Generation Method Based on Security Policy Model

Zhang Min, Feng Dengguo, and Chen Chi

Journal of Computer Research and Development > 2009 > 46(10): 1686-1692.

Zhang Min, Feng Dengguo, and Chen Chi. A Security Function Test Suite Generation Method Based on Security Policy Model[J]. Journal of Computer Research and Development, 2009, 46(10): 1686-1692.

Citation:

Zhang Min, Feng Dengguo, and Chen Chi. A Security Function Test Suite Generation Method Based on Security Policy Model[J]. Journal of Computer Research and Development, 2009, 46(10): 1686-1692.

Citation:

Zhang Min, Feng Dengguo, and Chen Chi. A Security Function Test Suite Generation Method Based on Security Policy Model[J]. Journal of Computer Research and Development, 2009, 46(10): 1686-1692.

PDF (906 KB)

A Security Function Test Suite Generation Method Based on Security Policy Model

Zhang Min, Feng Dengguo, and Chen Chi

(State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100190)

More Information

Published Date: October 14, 2009

Graphical Abstract

Abstract

Abstract

The third-party independent security function testing is one essential step of the security evaluation of security products. Generally the test case generation of independence testing is based on the product specification. However, in the independence testing of security products such as the secure database management system (SDBMS)，the product must satisfy the requirement of the security policies in addition to the requirement of the product specification, which describes the objects and the measurement of the protection. Since the behaviors of security products are more precisely described in the security models instead of the specifications, the authors provide a test case generation method based on the formal security policy model. The method include the generation of the test specification based on the formal security policy model, the test space partitioning based on both the grammar and rules; partitioning rule based on the type and the combination principles. The method is more likely to find the fault and error in the product than in manual testing, and it helps the automation of testing and improves the efficiency.
- security policy model,
- security functional test,
- test case generation,
- test automation,
- type-based partition

FullText(HTML)

References (0)

[1]	Su Ning, Guo Junxia, Li Zheng, Zhao Ruilian. EFSM Amorphous Slicing Based Test Case Generation[J]. Journal of Computer Research and Development, 2017, 54(3): 669-680. DOI: 10.7544/issn1000-1239.2017.20151053
[2]	PanWeifeng, LiBing, ZhouXiaoyan, HePeng. Regression Test Case Prioritization Based on Bug Propagation Network[J]. Journal of Computer Research and Development, 2016, 53(3): 550-558. DOI: 10.7544/issn1000-1239.2016.20148329
[3]	You Feng, Zhao Ruilian, Lü Shanshan. Output Domain Based Automatic Test Case Generation[J]. Journal of Computer Research and Development, 2016, 53(3): 541-549. DOI: 10.7544/issn1000-1239.2016.20148045
[4]	Chen Donghuo, Liu Quan. Generation of Test Cases Based on Symbolic Execution and LTL Formula Rewriting[J]. Journal of Computer Research and Development, 2013, 50(12): 2661-2675.
[5]	He Yanxiang, Chen Yong, Wu Wei, Xu Chao, and Wu Libing. Automatically Generating Error-Traceable Test Cases Based on Compiler[J]. Journal of Computer Research and Development, 2012, 49(9): 1843-1851.
[6]	Wang Jianmin and Cai Yuan. Automated Test Data Generation Using Evolutionary Algorithm Based on Maintaining Population Diversity[J]. Journal of Computer Research and Development, 2012, 49(5): 1039-1048.
[7]	Liu Xinzhong, Xu Gaochao, Hu Liang, Fu Xiaodong, Dong Yushuang. An Approach for Constraint-Based Test Data Generation in Mutation Testing[J]. Journal of Computer Research and Development, 2011, 48(4): 617-626.
[8]	Tao Qiuming, Zhao Chen, Wang Yongji. An Automated Method of Test Program Generation for Compiler Optimizations Based on Process Graph[J]. Journal of Computer Research and Development, 2009, 46(9): 1567-1577.
[9]	Li Junyi, Li Renfa, Sun Jiaguang. An Automated Test Data Generation Algorithm Based on Selective Redundancy[J]. Journal of Computer Research and Development, 2009, 46(8): 1371-1377.
[10]	Yuan Jiesong, Wang Linzhang, Li Xuandong, and Zheng Guoliang. UMLTGF: A Tool for Generating Test Cases from UML Activity Diagrams Based on Grey-Box Method[J]. Journal of Computer Research and Development, 2006, 43(1): 46-53.