Education, Science, Technology, Innovation and Life
Open Access
Sign In

Automatic Security Detection for Access Control Based on Guided Deep Testing

Download as PDF

DOI: 10.23977/jnca.2016.11007 | Downloads: 37 | Views: 3935

Author(s)

Zou Peng 1, Chen Liang 1, Xiong Dapeng 1, Wang Peng 1

Affiliation(s)

1 Academy of Equipment, Beijing, China

Corresponding Author

Xiong Dapeng

ABSTRACT

Security detection for access control model by testing whether there is permission leakage, is the key measure to evaluate access control system security. Traditional security verification measure mainly relied on artificial analysis, which is low efficiency and heavy workload. Thus we study on the automatic security detection technology. To avoid the blindness of the test, we propose an improved detection method based on guided deep testing. The novel method improve the test efficiency by reducing the search path.

KEYWORDS

security detection, access control, permission leakage.

CITE THIS PAPER

Dapeng, X. , Liang, C. , Peng, W. and Peng, Z. (2016) Automatic Security Detection for Access Control Based on Guided Deep Testing. Journal of Network Computing and Applications (2016) 1: 42-46.

REFERENCES

[1] Morisset C, Oliveira A S D. Automated Detection of Information Leakage in Access Control[J]. Second International Workshop on Security and Rewriting Techniques - SecReT 2007, 2007.
[2] Harrison M A. Protection in operating systems[J]. Acm Sigops Operating Systems Review, 1976, 19(9):14-24.
[3] Li N, Tripunitara M V. Security analysis in role-based access control[J]. Acm Transactions on Information & System Security, 2006, 9(4):391-420. 
[4] Si Tiange , Tan Zhiyong , and Dai Yiqi. A Security Proof Method for Multilevel Security Models[J]. Journal of Computer Research and Development,2008,45(10):1711-1717.
[5] LIN Bo-gang. Model analysis of information system security field for Lattice expansion[J]. Journal on Communications, 2009, 30(10):9-14.
[6] Che Tianwei, Wang Chao, Li Na.An theory of access control based on security entropy[J]. Network Security, 2014(5):158-159. 

Downloads: 676
Visits: 48868

Sponsors, Associates, and Links


All published work is licensed under a Creative Commons Attribution 4.0 International License.

Copyright © 2016 - 2031 Clausius Scientific Press Inc. All Rights Reserved.