Automatic Security Detection for Access Control Based on Guided Deep Testing
DOI: 10.23977/jnca.2016.11007 | Downloads: 37 | Views: 4364
Zou Peng 1, Chen Liang 1, Xiong Dapeng 1, Wang Peng 1
1 Academy of Equipment, Beijing, China
Corresponding AuthorXiong Dapeng
Security detection for access control model by testing whether there is permission leakage, is the key measure to evaluate access control system security. Traditional security verification measure mainly relied on artificial analysis, which is low efficiency and heavy workload. Thus we study on the automatic security detection technology. To avoid the blindness of the test, we propose an improved detection method based on guided deep testing. The novel method improve the test efficiency by reducing the search path.
KEYWORDSsecurity detection, access control, permission leakage.
CITE THIS PAPER
Dapeng, X. , Liang, C. , Peng, W. and Peng, Z. (2016) Automatic Security Detection for Access Control Based on Guided Deep Testing. Journal of Network Computing and Applications (2016) 1: 42-46.
 Morisset C, Oliveira A S D. Automated Detection of Information Leakage in Access Control[J]. Second International Workshop on Security and Rewriting Techniques - SecReT 2007, 2007.
 Harrison M A. Protection in operating systems[J]. Acm Sigops Operating Systems Review, 1976, 19(9):14-24.
 Li N, Tripunitara M V. Security analysis in role-based access control[J]. Acm Transactions on Information & System Security, 2006, 9(4):391-420.
 Si Tiange , Tan Zhiyong , and Dai Yiqi. A Security Proof Method for Multilevel Security Models[J]. Journal of Computer Research and Development,2008,45(10):1711-1717.
 LIN Bo-gang. Model analysis of information system security field for Lattice expansion[J]. Journal on Communications, 2009, 30(10):9-14.
 Che Tianwei, Wang Chao, Li Na.An theory of access control based on security entropy[J]. Network Security, 2014(5):158-159.