Conformance Testing of Balana: An Open Source Implementation of the XACML3.0 Standard

Authors

  • Sung-Ju Fan Chiang
  • Daniel Chen
  • Dianxiang Xu
Abstract

As a new-generation access control method, Attribute-Based Access Control (ABAC) has gained increasing attention. Currently, Balana is the only open-source implementation of XACML 3.0, which is an OASIS standard for specifying ABAC. Considering that XACML is much more complex than traditional access control models, conformance testing of any XACML implementation is an important problem. Using a non-conforming implementation may lead to misunderstanding of access decisions or even security violations. This paper presents an approach to conformance testing of Balana, focusing on the main elements of the XACML 3.0 language, such as targets, rules, policies, and policy sets. In particular, we have thoroughly tested the key rule combining algorithms in policies and policy combining algorithms in policy sets. This has revealed several conformance issues.

Keywords: attribute-based access control; Balana; conformance testing; decision tables; XACML.




Publication date: 2016